Biometric Identification and the State: Friend or Foe?

In the last decade, biometrics have exploded across the world for one main purpose: security.

In the wake of 9/11, fear has sparked those in power to develop increasingly sophisticated technologies in an effort to protect citizens from danger.

Further uses of biometrics to governmental and commercial ends have been recognised and in some cases, realised.

Before diving into these modern day applications, it pays to first answer two simple questions, what are biometrics and where did they come from?

Biometrics and their origins

Biometrics are any physical feature of a person that can be used to uniquely identify said person, most commonly fingerprints, facial photographs and eye scans (Divan 2014: 161).

Behavioural traits can also be included in this definition, for example, voice and gait recognition (Maguire 2009).

To be effective data, the information should ideally be:

  • Unique
  • Easy to collect
  • Permanent i.e. unchanging over time
  • Easy to understand and interpret (Shen, W. And Tan, T. 1999: 11065)

This form of identification first came to light in the Western world in the late 19th century, when Henry Faulds observed that fingerprints ‘could be compared visually, potentially leading to the “scientific identification of criminals”’ (Maguire 2009: 10).  Further reports from this era suggest the practice went back thousands of years. (Beaven 2002 in Maguire 2009: 10)

The desirability behind the idea was that these traits were unique to individuals and thus difficult to imitate. This is what would make them ideal for law enforcement.

The Modern Day

Biometric identification relates to information technology systems which use the characteristics listed above to confirm or reject the identity of an individual (Barde and Zadgaonkar 2014: 2). The most common environment in which people encounter biometric identification is at the airport or in areas with restricted access (Maguire 2009: 9).

The intersection of ‘knowledge and power over populations and the securitisation of individual identity’ is the key to biometrics (Maguire 2009: 13). This has remained unchanged since its adoption in the late 19th century. In essence, it acts both as a tool for sovereign states to have awareness of and exercise control over citizens whilst simultaneously ensuring the individual can safeguard the identity they are outwardly understood to possess.

Beyond the use of biometric identification for national security purposes, The European Parliament detailed in their report the spread of these technologies for uses in welfare and benefit payments, reduced-risk financial transaction processing and everyday surveillance (Maghiros et. Al 2005 in Maguire 2009: 14). In 2009, they were discussing that the more populations became accustomed to these technologies at border control, the more likely the expansion of these technologies would not faze them.

In 2018, these hypotheses would appear to have been proven correct. When using our phones, for example, we rely upon fingerprint technology to allow us access to the interface. To commercial ends, fingerprints are now widely accepted for banking identification and purchasing decisions on online platforms. The latest iPhone model allows the user to unlock their phone with facial recognition technology. These uses have only just begun, and will continue to accelerate.

India and the AADHAR Card

The AADHAR card is a randomised 12 digit number used to identify individuals that are part of the program (Divan 2014: 160). This number is compared against information collected by the UIDAI agency, which an administrative body of the Planning Commission of India. This information, consistent with the definition of biometrics provided above, includes all 10 fingerprints, iris scans of both eyes and facial recognition photography (Divan 2014: 161).

The information is gathered from private sources before they are sent via USB, courier or direct uploading to the Central ID Repository (CIDR) (Divan 2014: 161).

The AADHAR verification system works via the internet. The information is collected with a small fingerprint scanner, if this were the feature to be verified, compares it to the information stored again the 12 digit number in the CIDR, and confirms or denies the individual is who they claim to be.

This system doesn’t appear to be particularly revolutionary. In modern society, biometrics are already used for a wide variety of functions, for example with mobile phones as listed above.

The issue perceived by Divan, presents itself on two fronts, namely privacy and freedom of choice.

Firstly, Divan argues that biometric information is legally enshrined in the Indian constitution as the property of individual citizens. Furthermore, he posits that they are entitled to keep this information private.

In another vein, he describes the potential for misuse of this system via an example of the exclusions that could be inflicted.

From a legal perspective, he offers explanations as to why he opposes the project:

    • It contradicts the concept of limited government that prevents the government of India from overstepping their constitutional powers as enshrined in the country’s constitution.
    • The Constitution has been designed to balance individual freedoms against governmental prerogative. Therefore, if the proposed actions are to override basic rights, there must be statute to support them. In this case, it is merely executive decision-making which invalidates the government’s claim to collect such information, even with the permission of individuals.
    • The project is also ultra vires, in layman’s terms beyond the scope of the law, as there is no regulatory advice on
      > who can collect this type of information
      > how the information can be collected/stored
      > how the data is to be protected at all stages of the process
      > who can use the data and when
    • Citizens are not informed of dangers of the use of this information
    • There is no guarantee of security of the data
    • The project itself violates the fundamental right to privacy (Divan 2014: 164-165)

The AADHAR project is alive and well in India despite Divan’s many valid claims. Although there are positive aspects to the implementation of this system, the lack of security that has allowed hacks to occur has already made itself known.

Furthermore, the ignorance of Indians’ constitutional right to privacy and bodily autonomy enshrined in their constitution makes the decision to pursue the project seem incomprehensible.

Would such a system be desirable in Australia for these same reasons?

HANIS in South Africa

HANIS is the Home Affairs National Identification Scheme, a project designed to reconstruct the national population identity register of South Africa that was notoriously unreliable following the years of apartheid (Breckenridge 2005: 276).

The original design of the system was similar to that of AADHAR – fingerprint data would be collected, a lot of which already existed thanks to policies operating during apartheid. This would be stored in an Automated Fingerprint Identification System (AFIS) that was designed by an external firm with software to manage the system from other companies (Breckenridge 2005: 277). This data would then be encoded into printed magnetic swipe cards that could be used for a range of functions, namely:

    • Identifying suspected criminals in databases
    • Identifying and processing criminals through the judicial system
    • Social welfare management
    • Regulatory processes e.g. drivers license verification for Transport workers

      (Breckenridge 2005: 278)

This is merely the original proposal for governmental functions. The Home Affairs Department of South Africa actively encouraged private enterprise to develop programs that could function with the HANIS technologies. In theory, this would provide the government with a centralised view of their population.

Similarly to Divan, Breckenridge highlights the lack of acknowledgement from key figures in South Africa as to the possibilities of data security, individual right to privacy and the countless levels on which the system could be used incorrectly. (Breckenridge 2005: 278)

It is worth mentioning that the move to a biometric identification system does not represent the creation of entire new waves of data. It is an attempt to reform the broken system that came as a result of apartheid (Breckenridge 2005: 279), which makes it different to other proposals for the implementation of biometric identification in other societies in that it is a new management of existing data rather than a whole new set of data being collected.

However, the problems with biometric identification are numerous, as Breckenridge nominates with regard to HANIS:

    • The verification system relies on the collected data being accurate
    • There is no plan in place for protection of the data
    • ‘Data-creep’ I.e. If private enterprise has access to the data, there are no protections in place to prevent them from on-selling citizen data for their own gain

      (Breckenridge 2005: 280-281)

These same problems could, and would most likely, be applicable to an Australian context.

A Biometric Australia

Biometric identification is an idea that would benefit society in terms of convenience of access to information in a centralised database. It would improve the work of the government, private enterprise and the relationship of the individual to the state and to business as a consumer.

However, the shortfalls that exist with regard to the right to privacy, the lack of structure in terms of system implementation as well as system maintenance, and the potential for data-creep make the idea less desirable.

Overall, these three key problems would need to be resolved before a complete biometrics based society could be a plausible possibility for Australia.

To conclude, it is worth noting that biometrics already play a role in our lives today in private enterprise and at our national borders. Its role may be limited, but are we already living in a biometrics based society without realising it?

Reference List

Barde, S. & Zadgaonkar, A. S. (2014). Research Papers: Person identification and foot modalities. International Journal of Advanced Engineering Research and Studies, 2(2), pp. 1-9. Retrieved from http://www.technicaljournalsonline.com/ijaers/VOL%20IV/IJAERS%20VOL%20IV%20ISSUE%20II%20JANUARY%20MARCH%202015/576.pdf

BISWARUP GANGULY, COLLECTION OF DATA FOR AADHAR, https://commons.wikimedia.org/wiki/File:Aadhaar_-_Biometric_Data_Collection_-_Chirantani_Vidyapith_-_Howrah_2012-08-10_01547.jpg, CC BY, SOME RIGHTS RESERVED

Breckenridge, K. (2005). The Biometric State: The Promise and Peril of Digital Government in the New South Africa. Journal of Southern African Studies. 31 (2), pp. 267-282. Retrieved from https://www-jstor-org.ezproxy1.library.usyd.edu.au/stable/pdf/25064994.pdf?refreqid=excelsior%3Aa5fc0fc83b4863cbcb8603b71c7fd20d

Divan, S. (2014).  The Prime Minister’s Fingerprints: AADHAR and the garrotting of civil liberties. National Law School of India Review. 26(2), pp. 159-168. Retrieved from https://www-jstor-org.ezproxy1.library.usyd.edu.au/stable/pdf/44283639.pdf?refreqid=excelsior%3Aad030648f1e4f89b443870928f300c64

Maguire, M. (2009). The Birth of Biometric Security. Anthropology Today. 25 (2), pp. 9-14.

MAX PIXEL, IRIS RECOGNITION BIOMETRICS SECURITY, https://www.maxpixel.net/Iris-Recognition-Biometrics-Security-Iris-Eye-2771174, CC-ZERO

Nayar, P.K. (2012). ‘I Sing the Body Biometric’: Surveillance and Biological Citizenship. Economic and Political Weekly. 47 (32), pp. 17, 19-22. Retrieved from https://www-jstor-org.ezproxy1.library.usyd.edu.au/stable/pdf/23251791.pdf?refreqid=excelsior%3Add52162a1bfc1de52bd5755239cca321

Shen, W. & Tan, T. (1999). Automated Biometrics-Based Personal Identification. Proceedings of the National Academy of Sciences of the United States of America. 96 (20), pp. 11065 – 11066.

Tech2Staff (2018, September 11). UIDAI software hacked using a patch that disabled critical security: report. Retrieved from https://www.firstpost.com/tech/news-analysis/uidai-aadhaar-software-hacked-using-a-patch-which-disabled-critical-security-report-5159521.html

Joe
About Joe 3 Articles
I'm 22, studying a Bachelor of Arts (French and IR&HRM), working full time at Specsavers. I hope to one day shape industrial relations policy in Australia.

Be the first to comment

Leave a Reply

Your email address will not be published.


*


twenty + eight =