Biometrics unreliable, says EU privacy head

European Data Protection Supervisor Peter Hustinx criticized governments' fondness for biometrics to identify citizens and warned that greater interoperability of databases may have serious implications for people.

In response to a recent communication by the European Union on the interoperability of several databases, including the Visa Information System and Eurodac, Hustinx issued an opinion calling for a better analysis of the data protection implications.

"Interoperability is mentioned not only in relation to the common use of large-scale IT systems but also with regard to possibilities of accessing or exchanging data, or even of merging databases," according to the opinion. "This is regrettable since different kinds of interoperability require different safeguards and conditions."

The supervisor is also a proponent of the introduction of a so-called purpose limitation principle, which would require data to be processed fairly and lawfully and for a legitimate purpose. New data protection safeguards are therefore needed, Hustinx added.

The supervisor also hit out at the use of biometrics as unique identifiers for European citizens within databases, saying that fingerprint or DNA identifications are too inaccurate and can facilitate the unwarranted interconnection of databases.

"It is regrettable that the protection of personal data has not been explored sufficiently as an inherent part of the improvement of the interoperability of relevant systems," Hustinx said.

"The EDPS suggests adding to this communication a more consistent analysis on data protection, including privacy-enhancing technologies to improve both effectiveness and data protection," he added.

Jo Best of Silicon.com reported from London.

[wrogers]

Biometrics Unreliable? PINs are Unreliable

Biometric identification technology is far more security than using Personal Identification Numbers. PINs are a disaster waiting to happen. While biometric ID is not perfect, it is far superior that what we have today.

Any organization that requires positive identification (and who doesn't) should take steps to embrace technology. Where would we be today if retailers did not accept credit cards? Where will we be in the future if we do not embrace technology to combat fraud. It's time all business execs wake up.

Today's technology provides positive identification using personal characterics - and biometric ID is getting better every day.

[jzsaxpc]

Well, we must be carefull

Sure, it is much better, but lets not treat it like some perfect system. Today, we have Credit card identity theft stuff, well, if you put everything on biomatricies, there will be problems.

Great example, there are many people who were suppost to be twins, but the two eggs merged, and so these people are created from two cell lines, not one, which means they have two sets of DNA, there have been quite a few mix-ups in court because of this. This means that half the time it'll be the same, half the time, different, odd huh? But what are you going to do about it.

I think biometrics need to be more then one thing, like you stand on a scale, and so your hight and weight are noted (so that if you are 5'3, 140, some large guy can't pose as you), ALONG with fingerprint, and vein placement. This can assure you a much larger chance that if there is a problem, it can be indentified, and is much safer.

[rcrusoe]

PINS ARE UNRELIABLE? People are unreliable

Identification systems are only as good as the people who design
and use them.

I can change my pin number. When someone steals a biometric
database contining my data where do I exchange my eyes?

[jesdog]

Where would we be without credit cards?

Answer: More secure; less in debt, and a heluva lot richer. And we would have more privacy and be less vulnerable to anonymous exploitation. Historically the more "Security Measures" utilized by technology regarding the disclosure (essentially public anyway, since it is in the market place) of our personal information and finances, the more vulnerably we become to the concentration of data about ourselves in third party hands. Security measures in technology is an illusion. The more information you give to third parties (including institutions of all types, i.e. entities) the more exposed you become to having the information developed by other humans, must of whom are strangers. ... and no technology is flawlessly secure. Ultimately the negative consequences of such disclosure is inevitable.
Ever notice that those people who are wealthy don't have many credit cards and never carry balances on them; and they never own debit cards. Do you wonder why?

[Iohagh]

Hello wake up there please.

Last August at a conference in Las Vegas as the US and its industry was touting biometrics and wands, guess what, it was widely reported even in the NY Times that a bunch of California IT guys hacked into the system from 800 feet away on the roof of the Casino.

In short, wireless sucks even if it is stuck in your brain or other nether parts. It just doesn't work in a way that cannot be captured by unsophisticated crooks.

I wonder why the smartest guys in the world want to make stuff work that doesn't. Is it a guy thing like driving down the wrong road but being too proud to ask for directions or admit they are lost.

All this testosterone is costing the consumers money and creating a national security risk to all countries and banks. Maybe they are dreaming. OK hubby, wake up smell the coffee and get us a hardware solution and a map on the way to the store. That's all I got to say. Ciao now.

Janet.

[mordini]

ONLINE PUBLIC CONSULTATION ON BIOMETRICS

Hi to everyone,
I'm the coordinator of a European Commission project on ethical and social implications of biometrics (BIOMETRIC IDENTIFICATION TECHNOLOGY ETHICS - BITE www.biteproject.org). We have just launched a web consultation and we would be delighted if those who are interested in the issue will to contribute. To access it, please link up to the following address:

http://www.biteproject.org/public_consultation.asp