A bill under discussion in the U.S. Senate could force Americans to take sides on two issues that are extremely important to millions of people: illegal immigration versus privacy.

The controversial legislation appears to be a solution to the problem of illegal immigration. It would require the issuance of identification cards for all workers in the United States. Besides the name and photograph, these cards would contain biometric information, such as fingerprints, so they would be extremely difficult to manipulate.

The goal is to tie the worker to his or her card. If the information doesn’t check out, then the person isn’t eligible to work legally in the country.

It’s a bold move, but it is one that should make privacy advocates more than a little nervous.

The cards would be, in effect, a national ID card, a tool supported by some law enforcement officials a few years ago but was shot down by opponents who believe such a card could hamper freedoms. The concern rests with the possibility that if the cards can contain biometric information, then they could one day include tiny components that allow the government to track the movements of citizens.

This bill, which has sponsors from both major political parties, faces a difficult road to becoming a law, but it does draw out an important question: Is freedom more important than solving the immigration issue?

Illegal immigration is a problem. The costs of providing education, providing health care and other services for illegal immigrants are exorbitant. A biometric identification card could be the solution, but it also imposes on legal immigrants and citizens. Such a card could start our nation down the slippery slope of eventually having something in our wallets that allow the government to track our every move.

There are other solutions, such as improving and then enforcing the use of the E-Verify system, in which a person’s legal status is reviewed during the hiring process. The Utah Legislature is considering such a move, albeit without any real penalties for businesses that ignore it.

The point is that although legislation may curb a big problem related to approximately 12 million to 14 million illegal immigrants, it could cause even larger problems for the other 300 million-plus people in the country.

Even the potential for giving up freedom is too high of price to pay.

By Leischen Stelter – 02.23.2010

CONCORD, N.H.—A bill introduced in the New Hampshire Legislature could have serious consequences for the development and deployment of biometric technology and could also jeopardize public confidence in the technology. HB 1409, sponsored by Rep. Neal Kurk, originated over concerns of privacy, but there is concern that the broadness of the bill could negatively impact the development of biometrics as an important security tool, said Don Erickson, director of government relations for Security Industry Association.

Specifically, this bill dictates, “no government agency or private entity shall issue an identification card, other than an employee identification card, or use an identification device or system, that requires the collection or retention of an individual’s biometric data.” The legislation also restricts the disclosure use of “biometric data as a condition of doing business with, engaging in any business activity or relationship with, or obtaining services from, that agency or entity.”

The legislation would ban all biometrics, including fingerprints, palm prints, facial features, voice data recognition, iris recognition, hand geometry and retinal scans, according to the bill.

If passed, this legislation would take effect on January 1, 2011.

SIA issued a statement saying that banning nearly all the uses of biometrics is an inappropriate response to privacy concerns. “The sponsor was concerned about privacy and the protection of individual privacy” not about issues of security, said Erickson. And, he contends, biometrics are actually more secure than other technologies. “With biometrics, you don’t have a password or a key to lose, it’s biometric information so you don’t have to worry about people stealing it,” he said.

Vijay Kumar, marketing manager for Ingersoll Rand Security Technologies, Schlage biometrics, agreed that biometrics pose minimal privacy concerns. “A lot of people don’t understand biometrics and these situations are based on misperceptions,” he said. “I think people confuse it with the systems they see on TV crime shows.” The major distinction, said Kumar, is differentiating between identification and authenticating systems. “Identification compares a person to all the people in the system and matches one to a number of samples,” he said. “Authentication is a one-to-one search, where a live biometric—a hand sample for example—is presented by a person and compared to a stored biometric given by the person by consent.”

He agrees with Erickson that biometrics are actually a very secure form of identification. “Biometrics of authentication is actually a more private situation than what we had when we used numeric codes and password and those types of identities are easy to capture,” he said.

However, industry members aren’t surprised this bill was introduced. Security concerns are not to be taken lightly. In this day and age, with increasing incidents of credit card and identity theft, people have a reason to be concerned about privacy, said Erickson. “The industry has taken steps to control personal identification information and it’s in their interest to,” he said. “End users need to be sensitive to this and spend time doing their homework on exactly how the technology works and privacy guards in place.”

And while this bill is troubling for those involved with biometrics, few think it will make much more progress in New Hampshire.  Erickson said the bill was recently voted down 11-6 in committee and doubts it will be reintroduced.

In the last ten days we have learnt that “persons unknown” stole the identity of British citizens and cloned modern UK passports to enter Dubai to perform an assassination. Last week, the Foreign Secretary got up in the House of Commons to say that his legal action before the Court of Appeal was to protect intelligence vital to national security given to the UK by the USA’s national security agencies.

There are obvious data protection consequences that flow from these events that are not being picked up by journalists as part of the current public discourse.

In relation to biometric passports, the official Government information states that all passports now issued contain ‘biometric’ details “which are unique to you – like your fingerprint, the iris of your eye, and your facial features”. In addition, “the chip inside the passport contains information about the holder’s face – such as the distances between eyes, nose, mouth and ears” which “can then be used to identify the passport-holder”.

Also the chip is protected in four ways:

• “a ‘digital signature’, which shows that the data is genuine and which country has issued the passport
• Basic Access Control, a ‘chip protocol’ that prevents the data being read without the passport holder’s knowledge
• Public Key Infrastructure (PKI), a digital technique that confirms the data on the chip was written by IPS and has not been changed, and
• the chips can only be read at a few centimetres’ distance from a chip reader – so they cannot be accidentally read”.

So, by implication, either “persons unknown” using the UK Passports in Dubai managed to evade some of the above security checks (including any biometric security) or airport security arrangements at a major international airport has suffered a complete failure. Which one is most culpable? It is a very important question.

For instance, if some or all the biometric features that protect the Passport have been “overcome”, where does this leave the biometric security on the ID Card? If one agency can get round the security, isn’t it rather obvious that others can do so also? Does every significant ID Card check now need a reference to personal data stored on the National Identity Register (and recorded on that infamous audit trail) as the means of making sure an ID Card is not a clone? If so, then the ID Card costs have just increased significantly.

In relation to the intelligence issue, I accept that there are immense difficulties. However, if we start from the position that intelligence is information from which one can deduced or infer a possible action, then the position becomes clearer. For example, if “X has been in contact with Y” then it might be important to put “Y” on a watch list.

However, I do not think that “X has been water-boarded” qualifies as intelligence – it is a description of what has happened to X. It might be confidential to qualify the intelligence by explaining that “intelligence from X has been gained under torture”, but there again, it is the information that is provided that is the “intelligence” and not the means by which it was extracted from the informant.

In other words, the Foreign Secretary’s claim that “The seven paragraphs contain summaries of American intelligence relating to Mr Mohamed’s case held in UK files” cannot possibly be substantiated by the facts. One cannot possibly undermine the principle of protecting intelligence sharing if the information itself does not qualify as intelligence (in this case, it relates to inhuman or degrading treatment).

Reference: In my evidence to the Joint Committee on Human Rights published in 2006, I explore national security in the context of Parliamentary scrutiny, data protection, human rights and terrorism. I explain why the UK system of scrutiny desperately needs an overhaul (http://www.amberhawk.com/policydoc.asp)

The New Hampshire legislature is considering a bill which would ban biometric data, including fingerprints, retinal scans, DNA, palm prints, facial feature patterns, handwritten signature characteristics, voice data, iris recognition, keystroke dynamics, and hand characteristics from being used in state or privately issued ID cards, except for employee ID cards

The move toward biometric IDs is accelerating, but New Hampshire wants to buck this trend. Acting out of concerns for residents’ privacy, the New Hampshire Legislature is considering a bill that would ban the use of biometrics data in identification cards. At least two trade groups oppose the legislation, saying biometrics technology has a number of security benefits.

The bill would prohibit biometrics data, including fingerprints, retinal scans, and DNA, from being used in state or privately issued ID cards, except for employee ID cards. In addition, it would ban the use of ID devices or systems that require the collection or retention of an individual’s biometric data.

SC Magazine’s Angela Moscaritolo writes that under the bill, biometric data would also include palm prints, facial feature patterns, handwritten signature characteristics, voice data, iris recognition, keystroke dynamics, and hand characteristics. “That’s the kind of information the government shouldn’t generally require to be gathered about an individual,” New Hampshire Representative Daniel Itse, who co-sponsored the bill, toldSCMagazineUS.com on Wednesday.

The bill has drawn criticism from several organizations, including the Security Industry Association (SIA), a business trade group covering the electronic and physical security market. “SIA firmly believes that the broad restrictions proposed by [the bill]… reflects a significant misunderstanding of the security features and privacy safeguards of this widely-adopted technology,” the group said in a statement. SIA encouraged a New Hampshire House committee to reject the bill and conduct a study into the merits of biometrics technology.

Moscaritolo writes that this is the only pending bill of its kind in the nation, but in the past there have been similar legislative actions taken in opposition of biometrics technology, Don Erickson, director of government relations for SIA, told SCMagazineUS.com. “We are concerned about seeing a pattern of these bills start to pop up in states, which will result in a patchwork of different laws that organizations would have to comply with,” Erickson said.

A similar bill, introduced several years ago in Pennsylvania to limit the use of biometrics, was never acted on, Erickson said.

In contrast, numerous bills have passed at the state and federal levels to authorize and implement systems that use biometrics technology for personal identification, Walter Hamilton, chairman and president of the International Biometric Industry Association (IBIA), a nonprofit trade association representing developers, manufacturers, and integrators of biometrics, told Moscaritolo. “We think it’s inappropriate to single out a technology and say, ‘Thou shall not use,’” Hamilton said. “We think there are many examples of useful applications where it protects citizens.” The use of biometrics can thwart fraud and identity theft by ensuring a person is who they claim to be, he said.

Moscaritolo notes that the bill was introduced in January in the New Hampshire HouseCommerce and Consumer Affairs Committee. It was the subject of a public hearing Tuesday and is scheduled for discussion Thursday in an executive session of the committee.

If Simple Credit Cards are cloneable just imagine how ”New ID cards” are supposed to be ‘unforgeable’ – but it took expert minutes to clone one, and program it with false data

By Cory Doctorow at 11:43 PM February 11, 2010

(Chip and PIN is broken via Schneier)

BBC: New flaws in chip and pin system revealed

Noted security researcher Ross Anderson and colleagues have published a paper showing how “Chip-and-PIN” (the European system for verifying credit- and debit-card transactions) has been thoroughly broken and cannot be considered secure any longer. I remember hearing rumbles that this attack was possible even as Chip-and-PIN was being rolled out across Europe, but that didn’t stop the banks from pushing ahead with it, spending a fortune in the process.

The flaw is that when you put a card into a terminal, a negotiation takes place about how the cardholder should be authenticated: using a PIN, using a signature or not at all. This particular subprotocol is not authenticated, so you can trick the card into thinking it’s doing a chip-and-signature transaction while the terminal thinks it’s chip-and-PIN. The upshot is that you can buy stuff using a stolen card and a PIN of 0000 (or anything you want). We did so, on camera, using various journalists’ cards. The transactions went through fine and the receipts say “Verified by PIN”.

It’s no surprise to us or bankers that this attack works offline (when the merchant cannot contact the bank) — in fact Steven blogged about it here last August.

But the real shocker is that it works online too: even when the bank authorisation system has all the transaction data sent back to it for verification. The reason why it works can be quite subtle and convoluted: bank authorisation systems are complex beasts, including cryptographic checks, account checks, database checks, and interfaces with fraud detection systems which might apply a points-scoring system to the output of all the above. In theory all the data you need to spot the wedge attack will be present, but in practice? And most of all, how can you spot it if you’re not even looking? The banks didn’t even realise they needed to check.

By Elizabeth Cohen, CNN Senior Medical Correspondent

(CNN) — When Annie Brown’s daughter, Isabel, was a month old, her pediatrician asked Brown and her husband to sit down because he had some bad news to tell them: Isabel carried a gene that put her at risk for cystic fibrosis.

While grateful to have the information — Isabel received further testing and she doesn’t have the disease — the Mankato, Minnesota, couple wondered how the doctor knew about Isabel’s genes in the first place. After all, they’d never consented to genetic testing.

It’s simple, the pediatrician answered: Newborn babies in the United States are routinely screened for a panel of genetic diseases. Since the testing is mandated by the government, it’s often done without the parents’ consent, according to Brad Therrell, director of theNational Newborn Screening & Genetics Resource Center.

In many states, such as Florida, where Isabel was born, babies’ DNA is stored indefinitely, according to the resource center.

Many parents don’t realize their baby’s DNA is being stored in a government lab, but sometimes when they find out, as the Browns did, they take action. Parents in Texas, and Minnesota have filed lawsuits, and these parents’ concerns are sparking a new debate about whether it’s appropriate for a baby’s genetic blueprint to be in the government’s possession.

“We were appalled when we found out,” says Brown, who’s a registered nurse. “Why do they need to store my baby’s DNA indefinitely? Something on there could affect her ability to get a job later on, or get health insurance.”

According to the state of Minnesota’s Web site, samples are kept so that tests can be repeated, if necessary, and in case the DNA is ever need to help parents identify a missing or deceased child. The samples are also used for medical research.

Art Caplan, a bioethicist at the University of Pennsylvania, says he understands why states don’t first ask permission to screen babies for genetic diseases. “It’s paternalistic, but the state has an overriding interest in protecting these babies,” he says.

However, he added that storage of DNA for long periods of time is a different matter.

“I don’t see any reason to do that kind of storage,” Caplan says. “If it’s anonymous, then I don’t care. I don’t have an issue with that. But if you keep names attached to those samples, that makes me nervous.”

DNA given to outside researchers

Genetic testing for newborns started in the 1960s with testing for diseases and conditions that, if undetected, could kill a child or cause severe problems, such as mental retardation. Since then, the screening has helped save countless newborns.

Over the years, many other tests were added to the list. Now, states mandate that newborns be tested for anywhere between 28 and 54 different conditions, and the DNA samples are stored in state labs for anywhere from three months to indefinitely, depending on the state. (To find out how long your baby’s DNA is stored, see this state-by-state list.)

Brad Therrell, who runs the federally funded genetic resource consortium, says parents don’t need to worry about the privacy of their babies’ DNA.

“The states have in place very rigid controls on those specimens,” Therrell says. “If my children’s DNA were in one of these state labs, I wouldn’t be worried a bit.”

The specimens don’t always stay in the state labs. They’re often given to outside researchers — sometimes with the baby’s name attached.

According to a study done by the state of Minnesota, more than 20 scientific papers have been published in the United States since 2000 using newborn blood samples.

The researchers do not have to have parental consent to obtain samples as long as the baby’s name is not attached, according to Amy Gaviglio, one of the authors of the Minnesota report. However, she says it’s her understanding that if a researcher wants a sample with a baby’s name attached, consent first must be obtained from the parents.

More Empowered Patient news and advice

Scientists have heralded this enormous collection of DNA samples as a “gold mine” for doing research, according to Gaviglio.

“This sample population would be virtually impossible to get otherwise,” says Gaviglio, a genetic counselor for the Minnesota Department of Health. “Researchers go through a very stringent process to obtain the samples. States certainly don’t provide samples to just anyone.”

Brown says that even with these assurances, she still worries whether someone could gain access to her baby’s DNA sample with Isabel’s name attached.

“I know the government says my baby’s data will be kept private, but I’m not so sure. I feel like my trust has been taken,” she says.

Parents don’t give consent to screening

Brown says she first lost trust when she learned that Isabel had received genetic testing in the first place without consent from her or her husband.

“I don’t have a problem with the testing, but I wish they’d asked us first,” she says.

Since health insurance paid for Isabel’s genetic screening, her positive test for a cystic fibrosis gene is now on the record with her insurance company, and the Browns are concerned this could hurt her in the future.

“It’s really a black mark against her, and there’s nothing we can do to get it off there,” Brown says. “And let’s say in the future they can test for a gene for schizophrenia or manic-depression and your baby tests positive — that would be on there, too.”

Brown says if the hospital had first asked her permission to test Isabel, now 10 months old, she might have chosen to pay for it out of pocket so the results wouldn’t be known to the insurance company.

Caplan says taking DNA samples without asking permission and then storing them “veers from the norm.”

“In the military, for instance, they take and store DNA samples, but they tell you they’re doing it, and you can choose not to join if you don’t like it,” he says.

What can parents do

In some states, including Minnesota and Texas, the states are required to destroy a baby’s DNA sample if a parent requests it. Parents who want their baby’s DNA destroyed are asked to fill outthis form in Minnesota and this form in Texas.

Parents in other states have less recourse, says Therrell, who runs the genetic testing group. “You’d probably have to write a letter to the state saying, ‘Please destroy my sample,’” he says.

He adds, however, that it’s not clear whether a state would necessarily obey your wishes. “I suspect it would be very difficult to get those states to destroy your baby’s sample,” he says

By ANGELA CHARLTON
Associated Press Writer – Charlotte Observer

DAVOS, Switzerland The biggest travel threat facing the world now is passport fraud, according to the chief of Interpol – the millions of stolen documents that could be used by terrorists or criminals to travel worldwide.

Airport body scanners, embraced by many in the aftermath of the attempted Christmas Day airplane bombing, are a misguided solution to travel threats, Interpol Secretary-General Ronald K. Noble told The Associated Press in an interview Thursday night.

“The greatest threat in the world is that last year there were 500 million, half a billion, international air arrivals worldwide where travel documents were not compared against Interpol databases,” he said on the sidelines of the World Economic Forum, where 2,500 business and political leaders are gathered in this Alpine resort.

“Right now in our database we have over 11 million stolen or lost passports,” he said. “These passports are being used, fraudulently altered and are being given to terrorists, war criminals, drug traffickers, human traffickers.”

The solution, he said, is better intelligence, and better intelligence sharing, among countries.

“You don’t know the motivation behind the person carrying the passport,” he said. If you’re a terrorist, he said, “Are you going to carry explosives that are going to be detected? No.”

Many U.S. airports use the body-scanning machines and airports in other countries are adopting them after Nigerian Umar Farouk Abdulmutallab allegedly tried to detonate explosives hidden in his underwear Dec. 25 on the Detroit-bound flight.

But Noble questioned “the amount of money and resources that go into these (body-scanning) machines.”

He cited a case two weeks ago in a Caribbean country where five people were arrested carrying European passports, but were caught after they were found to be carrying stolen passports – one stolen back in 2001. The five had “definite links to crime, organized crime, human trafficking but no definite links to terrorism,” he said, though he wouldn’t name the country.

He said U.S. authorities are recognizing the threat of passport fraud – in 2006, U.S. authorities scanned the Interpol database about 2,000 times, while last year they did so 78 million times. They came up with 4,000 people traveling on stolen or lost passports.

Intelligence experts have cast doubt on the usefulness of the so-called no-fly lists of suspects shared among airports worldwide, saying that criminals can change their names or make simple name spelling changes that render them untrackable.

“(The lists) are useful but I don’t believe they are the be-all and end-all,” Noble said, adding he was concerned about governments’ efforts to expand them.

Noble, who has expanded Interpol’s efforts to fight terrorism, cybercrime, corruption and maritime piracy in his nearly 10 years at the helm of international police agency Interpol, also had words of warning for people hoping to donate money to Haiti after its devastating earthquake.

“Be very careful,” he said, citing several cases of fraudsters preying on donors and stealing their money via fake charity Web sites.

“Whenever there’s a tragedy it seems to bring out the best in people and unfortunately the worst,” he said. He said several U.S. sites have been taken down since the earthquake after they were found to represent no known charity.

Interpol has a team helping identify victims in Haiti, a daunting task with an estimated 200,000 dead. Another daunting task will be rebuilding Haiti’s law enforcement.

Policing in Haiti “was a challenge before this happened,” he said.

by Erik Sass, MediaDailyNews

A new report presented at the Federal Trade Commission’s Privacy Roundtable in Berkeley, Calif., warns of threats to consumer privacy posed by new tracking technology incorporated into some digital signage.

Produced by an organization called the World Privacy Forum, the report also presents a recommended code of conduct crafted by an out-of-home advertising industry organization, the Point of Purchase Advertising Institute (POPAI), to avoid transgressions that could inspire consumer backlash.

The new report, titled “The One-Way-Mirror-Society: Privacy Implications of Digital Signage,” mentions a number of “mid-range” tracking technologies. It includes technology that allows digital signage to track heat paths (showing a consumer’s movement, for example, around a retail environment) and separate technology that tracks the consumer’s gaze, to determine what part of the sign is most interesting.

But the most controversial technology currently being used allows digital signage to scan the facial features and other physical characteristics of passers-by to determine their age, gender and ethnicity.

The WPF also produced a list of preliminary but fairly stringent recommendations from POPAI. Some of the notable suggestions include “no one-sided industry self regulation,” implying the government may need to formulate standards and regulate the industry.

The WPF points out that this recommendation isn’t actually that far-reaching, since there are already a number of state and federal laws governing marketing in public places and the kind of consumer information that can be gathered with or without consumers’ consent. In other words, there is a substantial body of legal standards already in place, such as laws prohibiting marketers from offering a special promotion only to one kind or class of consumer (e.g., a special discount available only to women).

The organization’s recommendations also include prominent disclosure by signage that tracking technology is being used; no storage of biometric or other personally identifying data without a consumer “opt-in”; and no re-purposing of footage from security cameras or tracking technologies originally employed for another purpose (like fire safety compliance).

‘Positively chilling’ says Liberty

By John Ozimek • The Register

Radical Think Tank Open Europe has this week exposed a study by the EU that could lead to the creation of a massive cross-Europe database, amassing vast amounts of personal data on every single citizen in the EU.

The scope of this project also reveals a growing governmental preference for systems capable of locking people up not for what they have done, but for what they might do.

Open Europe (OE) researcher, Stephen Booth, has been reviewing projects currently in receipt of EU funding. Last week he identified one of these - Project INDECT – as having potentially far-reaching effects for anyone living or working in Europe. The main objectives of this project, according to its own website, are:

To develop a platform for: the registration and exchange of operational data, acquisition of multimedia content, intelligent processing of all information and automatic detection of threats and recognition of abnormal behaviour or violence, to develop the prototype of an integrated, network-centric system supporting the operational activities of police officers.

In addition, it aims “to develop a set of techniques supporting surveillance of internet resources, analysis of the acquired information, and detection of criminal activities and threats.”

There are two controversial aspects to this research. First is the extent of data collection implied by the project scope. Second, and perhaps far more worrying, is the proposition that law enforcement agencies, in possession of sufficient data, will in future be able to model potentially criminal and anti-social behaviour and therefore focus on individuals before crimes are committed.

In this, it echoes another EU-sponsored piece of research – ADABTS – which is all about Automatic Detection of Abnormal Behaviour and Threats in crowded Spaces. According to the ADABTS prospectus, it “aims to develop models for abnormal and threat behaviours and algorithms for automatic detection of such behaviours as well as deviations from normal behaviour in surveillance data.”

The INDECT project is co-ordinated by Polish academic Professor Andrzej Dziech. Participants include several institutions from Poland – which until recently had its own issues with over-arching state surveillance – as well as the Northern Ireland Police Service.

Shami Chakrabarti, the director of human rights group Liberty, described this approach as a “sinister step” for any country, but “positively chilling” on a European scale.

Stephen Booth added: “The problem with the EU funding these types of projects is the lack of accountability. Citizens are left completely in the dark as to who has approved them and there is no way to ensure that civil liberties are being duly respected.

“The absence of any political debate about the use of these new surveillance technologies in our society is a very dangerous trend, which is especially acute at the EU level.”

However, the idea of punishing potential criminals is not just an EU notion. As El Regreported last year, the Home Office has certainly considered the use of automated profiling to check travellers at points of entry to the UK. This has been controversial, both because of the veiled racism implied by such a policy, as well as evidence provided to the Home Office that it might not actually work.

However, the Vetting Database – which is due to go live later this year – will take decisions on whether people are fit to work in millions of “regulated” positions on the basis of a scoring system, designed to “predict” likelihood to offend.

The introduction of predictive models into society appears to be carrying on apace, with very little public debate as to how desirable they are, or how the state should compensate citizens where mistakes occur. There is also a blurring of the lines between predicting a threat – in which case law enforcement officers can be asked to investigate – and simply predicting criminality and penalising an individual on the basis of something they have not yet done.

OE is interested in seeing less formal integration across Europe, and a return to more issues being resolved at the national level. Their investigation looked at funding provided under the Seventh Framework Programme (FP7). This can be accessed via the Cordis portal, and is a mechanism whereby funds controlled by the EU Commission are made available for research projects.

The existence of an FP7 project is not necessarily an indicator of EU policy in an area, but it is clear evidence of some interest in the approach being investigated.

Project INDECT launched on 1 January this year with a project budget of 14.86 million Euros. It is due to deliver the goods, including a 15-node pilot project, by the end of 2013. ®