New biometric smart ID cards

Jane Duncan
Mauritius is known to South Africans mainly as a holiday destination, brimming with idyllic beaches, luxurious hotels and stunning scenery. However, there are other, less well-known ties that bind the two countries together. At the moment, both countries are introducing “smart” ID cards, requiring their citizens to give biometric information to the government in the form of their fingerprints, to establish their legal identities. This information will also be recorded in national population registers.

Biometrics involves the use of unique physical characteristics to verify a person’s identity, stored in a digital format and analysed by computers. Biometrics are being used increasingly for an array of public administration purposes, and fingerprints are the most commonly used, but facial or voice recognition may also be used too.

Both governments give similar reasons for these schemes: the cards are secure, they argue, as their personal information, including their fingerprints, is stored in contact-less microchip that is difficult to tamper with. They argue that these security measures will stamp out identity fraud and theft.

These initiatives sound laudable, yet Mauritians are rising up and opposing the ID cards, claiming that they threaten privacy and even democracy itself. Three court cases have been brought against the system on constitutional grounds. Mauritius’s plans are much more draconian than South Africa’s, as the former requires people to enrol in the new system and carry their identity cards at all times, yet this is not the only reason why Mauritians are objecting.

One organisation involved in the struggle, Lalit de Klas, is arguing that the system, dubbed ‘‘big brother’’, will allow the government to build up a profile of individuals that could be used against them in future if they are considered to be threats to government interests.

Many other countries are attempting to introduce biometrically based national population registers, and many citizens have opposed them too. They have opposed what has been called “dataveillance”, where electronic databases enable lifelong surveillance by allowing the government to build up a clear picture of people’s ongoing movements, habits and preferences. The amassing of this information can allow governments to profile those who could be political threats to ruling interests.

In fact, centralised biometric databases are the perfect police state tool. Since the September attacks on the US, governments are turning themselves increasingly into one-way mirrors, where they can see into more aspects of people’s lives, while their own actions are becoming more opaque due to excessive secrecy. These databases can act as powerful mechanisms of social control, as citizens may become more subservient because they fear that the state is watching.

What are the issues? Biometrically based identity verification is susceptible to error, as it offers only a probability of a match based on the likeness of stored physical characteristics; it cannot verify identities with certainty. Some people, such as miners and others who work with their hands, have difficulties enrolling as they may not have well-defined fingerprints; this means that biometric technology is inherently discriminatory.

Biometrics also suffer from controversial margins of error, including false matches (“false positives”), or biometrics not being recognised (“false negatives”). Fingerprints have the highest rate of error. In extreme situations, a person could even become a criminal suspect based on false information; in 2004, US attorney Brandon Mayfield was falsely linked to the train bombings in Madrid on the basis of a false match.

Criminals can also synthesise (or “spoof”) fingerprints and create fictional identities. Electronic databases are also vulnerable to hacking, which can lead to biometric information being stolen, altered or even destroyed. Yet if this happens, then the consequences could be much more serious than breaches involving databases that are not biometrically based. People’s identities are compromised permanently when their biometrics are compromised, as they cannot replace their fingers, eyes or voices. Such breaches create the risk of someone becoming an “un-person”, unable to prove that they are who they say they are.

Identity theft is more common in single reference systems such as centralised national population registers, as they create a single point of failure, and centralisation increases rather than reduces the potential for fraud. Doppelganger matches also become more likely in large-scale databases. These uncertainties mean that there needs to be a record to refer back to, such as physical fingerprints. Yet too many governments are failing to build these safeguards into these systems, in their overzealous bids to ‘‘modernise’’ and transform themselves into paperless societies.

The dangers became apparent in Israel in 2006, when the personal information of nearly every Israeli citizen was stolen from the country’s national population register, sent to the criminal underworld and then dumped on the open internet. As Lalit’s Rajni Lallah has observed: So, one of the most ‘national security obsessed’ states in the world cannot even ensure the security of its citizens’ personal data once it has centralised it.

Biometric information may also be used for purposes for which it was never intended when the person enrolled. This ‘‘function-creep’’ risks violating a person’s right to data sovereignty in the process, which is the right to determine how your personal data is used.

Fingerprinting is also inherently associated with criminality. Sorting individuals according to their physical characteristics is dehumanising, and can become a dangerous tool in the hands of authoritarian governments bent on social sorting according to particular characteristics such as race, gender or age.

Given the dangers, the tide has begun to turn against centralised biometric databases in the North, and an increasing number of countries have lost the political will to establish them.

In the UK, a single-issue campaign against state control of personal identity, called No2ID, successfully opposed the government’s attempt to introduce biometric ID cards and database. They warned against the dangers of what they called the ‘‘database state’’, which they claimed operationalised the government’s wish to manage society by keeping a constant check on its citizens. The government eventually scrapped the plans. US plans to introduce a similar scheme have all but ground to a halt.

Germany has forbidden centralisation of population information, because of its historical experience with Nazism, which used population records to practise one of the most ghastly cases of discriminatory social sorting the world has ever seen. Some countries have resorted to local storage of biometric data, which is embedded in the chip on the ID card or passport, without being saved in a centralised database.

However, countries in the South have jumped on the biometric bandwagon, including South Africa, in spite of the many red flags about the technology. The International Criminal Police Organisation (Interpol), the World Bank, and private security multinationals have worked tirelessly to promote biometrics in the South, to manage what they perceive to be problem populations and to keep them out of an increasingly fortified North. Some Northern countries that have refused to subject their own populations to biometrics have nevertheless implemented the technology in border control.

Yet, opposition is growing in the South, too. Recently, the Indian Supreme Court directed the government to withdraw orders making the card mandatory for providing any service, and disallowing it from sharing any ID information without the prior permission of the card holder.
South Africa has had a centralised national population registry for many years, the Home Affairs National Identification System (HANIS).

Unlike Mauritius, South Africa is not compelling its citizens to enrol and carry ID cards; but there is compulsion by stealth, as people will gradually be unable to undertake basic civil functions without a card.

Why have biometric databases not become as controversial in South Africa as they have elsewhere? According to Wits University academic Keith Breckenridge, opposition usually begins when engineers and scientists, who understand the technical issues, team up with journalists, civil society and grassroots movements to publicise the dangers.

Duncan is a Professor of Journalism at the University of Johannesburg.

facebookShare on Facebook
TwitterPost on X
FollowFollow us
PinterestSave

Related Posts

ZIMSTAT calls for improved data sharing across Government
ZIMSTAT calls for improved data sharing across Government

Tendai Gukutikwa Post Reporter THE Zimbabwe National Statistics Agency (ZIMSTAT) has urged Government ministries, departments and agencies to strengthen data-sharing practices to enhance the production of official statistics and support…

Continue reading
ZACC launches grassroots fight against corruption
ZACC launches grassroots fight against corruption

Luthando Mapepa Correspondent THE Zimbabwe Anti-Corruption Commission (ZACC) is rolling out district anti-corruption chapters across all districts in Manicaland Province as part of efforts to empower citizens to actively participate…

Continue reading

Leave a Reply

Your email address will not be published. Required fields are marked *

×
×