Social Concerns
Home Identity Theft Microchip Implants

Social Concerns and Worries about Smart Cards and Invasion of Privacy 

"Big Brother Dataveillance Scenario"

Will Smart Cards Create an Infringement of Civil Liberties?

Dataveillance is the systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons.

Government agencies are frequently in a position to legally impose on individuals the condition that they identify themselves when performing particular kinds of transactions.  National identification schemes concentrate information, and hence power; and because it is simply inevitable that, at some stage, even in the most apparently stable and free nations, power will be exercised against the interests of individuals, and of the public generally.

Whenever a smart card is discussed, alarm bells usually sound for critics and protectors of privacy. Harry Hammitt a senior fellow with the Electronic Privacy Information Center in the U.S. is among the leaders in privacy concerns.

"The technology always sounds attractive from an access point of view, to identify, follow and track," he said. "The idea of government tracking is a major concern."

Although the use of biometrics is being imposed on citizens around the world for travel and immigration schemes, many citizens fear that biometrics could be used to compile dossiers about them, their habits and their lives. For example, information such as health, race, age and behavioural characteristics can be garnered from some sorts of biometrics identifiers, leading to concerns that specific groups could be targeted.

Organisations also acquire power over individuals through the accumulation of data about them and corporations may use a combination of inducements and market power to achieve the same end.

Legal issues include the purpose to which information about individuals is collected and how it can then be used, the ability to access information and redress inaccuracies, and providing robust enough security so that persons cannot have their information compromised, especially during enrolment in biometric schemes and during transmission of data over public networks.

Individuals are currently required to confirm their identity for many diverse purposes, such as verifying eligibility within a health care system, accessing a secure network or facility, or validating their authority to travel. In almost every discussion about implementing personal identification (ID) systems to improve identity verification processes, concerns about privacy and the protection of personal information quickly emerge as key issues.

Government agencies and private businesses that are implementing ID systems to improve the security of physical or logical access must factor these issues into their system designs. While technologies are available that can provide a higher level of security and privacy than ever before, ID system complexity coupled with increasing public awareness of the risks of privacy intrusion require that organizations focus on privacy and personal information protection throughout the entire ID system design.

Even if Canada were to issue national ID smart cards, it wouldn't necessarily be a success, warned Peter Öhman, business manager of Finland-based smart card vendor Miotec Oy. Finland, he said, embarked on a smart card project three years ago and has so far issued fewer than 20,000 smart cards in a country of five million. Even in a small country with a good infrastructure, he added, it was a tough sell. "It's not much of a success story," he said. "I think one thing is that there were no examples. We were the first country in the world to do a project like this and it wasn't that easy, but I think we have learned quite a lot from the mistakes that were made."

Technology and acceptance issues are keeping smart cards out of the Government On-Line project.

Social barriers to the widespread use of biometrics. - article

Social and political risks involved in national identification schemes.

According to Roger Clarke the first cluster of requirements related to the avoidance of dangerously privacy-invasive multi-purpose identification:

identified transaction trails must be restricted to circumstances in which they are justified by the impossibility of alternatives;
anonymity must be sustained except where it is demonstrably inadequate;
in order to achieve balance among competing interests, much greater application must be made of pseudonymity, in particular through protected indexes;
(expressing the preceding requirements differently), identity authentication must only be used where it is functionally necessary, and much greater application must be made of eligibility authentication;
multiple single-purpose ids must be implemented rather than a few multi-purpose ids;
an important corollary of the 'multiple ids' principle is the maintenance of separation between applications within multi-function chips, in order to assure the integrity of each application, and protect against unauthorised sharing of data and ids; and
another important application of the 'multiple ids' principle is the implementation of role-ids as well as person-ids, to reflect the facts that individuals perform multiple roles at the same time, and that multiple individuals perform the same organisational function. 

The second cluster of requirements relates to the provision of individuals with a significant degree of control over processes involving chip-based ID cards:

the ownership of cards must be in the hands of the individual, not the State;
the design of chip-based ID schemes must be transparent to the individual;
the issue and configuration of cards must be undertaken by multiple organisations, including competing private sector corporations, within contexts set by standards bodies, and by relevant government and private sector organisations, in consultation with public interest representatives;
private keys used variously for message-encryption and for digital signatures may be stored on a personal card, but no central storage of private encryption keys must be permitted to develop. An appropriate descriptor for such a personal card is an 'electronic signature card' rather than an 'id card';
the control of individuals' biometrics must be in the hands of the individual concerned, not the State. Hence biometrics may be stored on the relevant person's card, and in backup arrangements under the individual's control, but no central storage of biometrics must be permitted to develop; and
schemes must feature two-way device authentication, i.e. personal chips must verify the authenticity of devices that seek to transact with it, and must not merely respond to challenges by devices. 

These design features create additional challenges for organisations planning the use of chips as a basis for an identification scheme. But they provide a basis whereby organisations can achieve their legitimate aims, yet individuals can be assured that the schemes are not unduly privacy-invasive.

Smart cards have potential to become Big Brother's little helper, says inventor

10/13/2004 4:16:31 PM - by Vawn Himmelsbach 

In 1949, when the Communists took over Mainland China, there was a flood of emigration to Hong Kong, which was then a British colony. To deal with this, the government introduced mandatory ID cards, made simply of cardboard.

A lot has changed since then. Hong Kong is now part of the People's
Republic of China. And it's replacing its national identity cards with multi-application, biometric-based smart cards.

With the four-year rollout now underway, the Smart Identity Card System (SMARTICS) is one of the most ambitious projects of its kind in the world. When complete, seven million Hong Kong residents will use a smart ID card for mandatory government functions and optional business functions (through e-Cert).

The credit card-sized piece of plastic will include personal data such as name, birthdate, gender, residential status and photo, as well as a digital template of both thumbprints. A driver's licence application will be introduced in 2006. The data is stored in a microchip and protected by encryption.

While some believe Hong Kong is taking the lead in smart card implementation, others — namely civil libertarians — warn that the use of such technology can backfire, causing human rights abuses by allowing governments to better control citizens.

Even the inventor of the smart card, Roland Moreno, said the technology has "the potential to become Big Brother's little helper."

In some countries, plans to roll out national identity cards have met with resistance from pro-privacy groups.

One group, Privacy International, has spent the past decade opposing such proposals in the U.S., the U.K., Australia, New Zealand, the Philippines and Thailand. Past attempts to roll out national ID cards in South Korea and Taiwan failed when met with strong resistance.

The Electronic Privacy Information Center questioned Canada's proposed national ID card, which would require fingerprint and iris scans of all Canadians. In a report, the group said the proposed card would likely breach Canada's Charter of Rights and Freedoms.

"The identity card proposed for Canada involves the concept of converged or 'joined-up' data resources. This poses grave threats to the security of data," says the report.

"It also introduces the inevitability that data will be lost, misinterpreted, mutated or abused. Multiple-agency access to sensitive data greatly increases the potential for misuse of information, either through corrupt disclosure or lapses in security."

The issue of privacy protection, however, is unlikely to be debated in Mainland China, where its Golden Card Project started rolling out this year. As many as 800 million smart ID cards could be in use by 2006, according to a Dow Jones report. These cards will replace the existing plastic-coated paper IDs currently in use.

Chinese officials say this will help eliminate counterfeit IDs. Civil libertarians argue it's a way to more easily track the country's 1.3 billion citizens. One advantage of a centralized party system: officials don't have to worry about public debate or provide objective media coverage on the issue.

There are both pros and cons to smart card technology; it holds both promise and peril for e-government. In many cases, smart ID cards are optional, rather than mandatory. In Hong Kong, however, refusing to obtain a smart ID card constitutes an "offence."

The key is to make sure privacy is protected at all costs — but that's not easy in countries where privacy and human rights are not protected by legislation. Smart cards need to be smart enough to ensure they don't become Big Brother's little helper.

Privacy Concerns Related to Smart Card Implementation

Privacy advocates say that the use of smart cards could have far reaching implications for privacy of personal information, access to government services and integration of previously separated databases.

The government's aim is to reduce fraud and increase cost-efficiency in the application for and delivery of public services, all while protecting personal privacy in a seamlessly integrated 'electronic government.'  Possible applications include a smart card for health government funded OHIP, the Ontario Drug Benefits Program, driver's licenses, proof of age, organ donation instructions and social assistance.

It is said that it will cost Ontario over $500 million just to launch the basic infrastructure of cards, readers, connections and related systems, yet there are, as yet, no clear or overwhelming benefits to justify such an investment.

The government knows it has to visibly address the obvious privacy concerns surrounding this initiative. But once the pricey infrastructure is in place the need to demonstrate its cost-effectiveness will create relentless pressure to expand the range of applications into increasingly sensitive areas of personal information.

What starts out as a limited access card could be gradually transformed into a general access card that needs to be shown at virtually all points of contact between government and citizens. Along the way, the fine line between secure authentication and personal identification is easily crossed. Taking the fingerprints of all it's citizens is a distinct possibility and a worry to some.

Some other concerns relate to the id card holding "all your information", the concept of surveillance and tracking of our movements, and the linkages of our personal information into one central "big brother" computer.  Using biometrics to identify us is seen as tantamount to having our DNA and fingerprints on file with every government agency.

While there are some indications that the Ontario government is backing way from biometrics, they refuse to rule it out. As long as the initial card has the processor power and memory capacity to support biometric authentication, there will remain a risk that this controversial feature will be later sneaked in quietly as appears to be happening in other Canadian jurisdictions.

Legislators, engineers and citizens alike must acknowledge the fact that when computers are used to regulate social interaction, they become an effective form of legislation.

A wise decision-maker in the public sector must therefore ensure that the proposal genuinely fulfills the public good purposes without introducing any harmful side effects that might have escaped scrutiny.

Privacy Protection Concerns in France Over Biometric Visa Database

01/05 - Replying to a consultation by the French Government, the National Commission for Informatics and Liberty (CNIL) – the official data protection watchdog – said that storing fingerprints in a chip would not raise problems “as long as adequate security measures are taken”.

However, the CNIL voiced some concerns concerning the central database. Among other things, the commission said that the biometric data of applicants that are denied a visa should not be kept in the database as this would not be justified by any border control purpose. Indeed, the CNIL pointed out that the absence of a record in the database would be sufficient to determine that an individual was not granted a visa.

The Government has however not retained the CNIL’s comment and all biometric data collected will be kept in the central database for a period of two years for applicants awarded short-term visas, and five years for applicants awarded long-term visas and for those applicants who are denied a visa.

Practice by Tracking Those Who Track Others

03/05 - The Department of Homeland Security Access Card RFID chip and its Bluetooth-enabled holder could make it a target for hackers and spies with wireless readers, who could be lurking in commissaries, coffee shops, bars and subway stations around the Capitol.

The tens of thousands of people carrying DACs around Washington this year will also help to prove or discredit predictions by privacy advocates that the RFID tags will be used to track individuals in public and private places.

"We don't see any sensible and offsetting reason for using RFID technology instead of another technology in identification cards and documents," said Cedric Laurant, policy council at the Electronic Privacy Information Center, "except for surreptitiously tracking people's movements with reader devices."

ID Smart Cards a Waste of Money?

03/05 - In an interview with Computer Weekly, Bruce Schneier, security author and chief technology officer of internet security group Counterpane, said the programme could do more harm than good.

"ID cards are a waste of money. The amount of good they will do is not nearly worth the cost. They will not reduce crime, fraud or illegal immigration," he said.

The adoption of ID cards would encourage criminals to attempt forgeries, he said, potentially exacerbating crime rather than reducing it.

"Every credential has been forged. As you make a credential more valuable, there is more impetus to forge it. The reason identity theft is so nasty now is that your identity is so much more valuable than it used to be. By putting in the infrastructure, we have made the crime more common. That's scary."

He said the UK government, like other governments around the world, was investing in the technology as a form of control but marketing it as better security.

"We are living in a world where governments are looking for more control. They are looking for measures that increase control. It is being sold as security but it is really control," he said.

Schneier said that the US plans to spend £10bn on a programme to build checkpoints at airports to prevent terrorists boarding planes are a similar waste of money.

"If you had a list of people that were so dangerous you would never let them on an aircraft and £10bn, would you build a series of checkpoints at airports just in case they happened to walk through them, or hire FBI agents to investigate those people?" he said.

"We are building a security system that only works if the terrorist happens to choose the tactic of going on an aircraft, yet we are affecting the privacy of every airline passenger."

Schneier said ID theft will only be solved when banks are given responsibility to prevent it. "As soon as it becomes the banks' problem, it will be solved. The entity that is responsible for the risk will mitigate the risk."

Credit card fraud in the US fell dramatically after the banks become responsible for refunding customers with losses of more than £25 caused by fraud, he said.

11/06- CONCERNED about privacy fears, the Australian Federal Government plans to introduce laws to prevent its new health and welfare smartcard becoming an identity card. The laws will stop private businesses such as hotels and banks, as well as state governments, from being able to demand the card as a form of identity.

And in a move hoped to give consumers more control over the card's use, the legislation will also make individual holders — not the Government — the owners of the card. This is highly unusual given that credit cards, driver's licences and even gym memberships remain the property of issuers such as credit card companies and governments.

Australians will also have the option of storing any personal information they want on up to one-third of the storage space on the federal Government's proposed human services smartcard.

Fingerprinting dental patients raises privacy concerns

11/06 - (CBC) A Winnipeg dentist has adopted a system that allows patients to announce their arrival with a touch of their fingers — which has raised the eyebrows of some privacy experts.

Tim Dumore started fingerprinting his orthodontic patients about six months ago.

He has installed a biometrics system that allows his patients, most of whom are children, to sign in without telling a receptionist. On arriving, they touch their finger to a pad at the front desk and a computer sends a message to staff workstations.

While Dumore says most of his patients and their parents have willingly co-operated, he admits some have been reluctant.

"It can seem Big Brotherish," he said. "But we can reassure them that we're using proper security protocols."

The University of Manitoba's faculty of dentistry also fingerprints its patients.

Michael Lasko, registrar of the Manitoba Dental Association, thinks it could be the way of the future for identifying patients in dentistry and medicine.

"It's probably the easiest and most secure method of maintaining patient privacy," said Lasko.

He said fingerprints help patients maintain their anonymity by eliminating the need for conversations about personal health information at the reception desk.

Biometrics are being used to identify patients in medical and dental practices around the world.

But for Winnipeg privacy lawyer Brian Bowman, it raises all sorts of red flags. He worries that fingerprints, especially those of children, are being used simply for convenience.

"I think a lot of people are going to be asking the question: 'Why do you need to be collecting such sensitive data, and is it really necessary?' " he said.

Bowman says the practice could run afoul of privacy laws and there's the potential that those who refuse to provide their fingerprints might not receive treatment.

Dumore says his fingerprinting program is strictly optional.

But given the initial response, he expects he will soon have almost all his patients' fingerprints on file.

'When the Clocks Strike 13'

11/06 (Excerpt) A study commissioned by the office of the UK Information Commissioner Richard Thomas to assess the level of government intrusion into the lives of British citizens and present a forecast of future developments has come up with the stark conclusion that within ten years surveillance in this country will be “all-pervasive,” the development and implementation of technologies for data-gathering and governmental snooping given extra momentum by the government’s increasingly transparent claims of its unquestionable necessity in the “War on Terrorism.” The authors of the 140-page report express concerns that the balance between individual privacy and the necessity of combating terrorism and crime has already been tipped too far against the individual, and warn that the oft-bleated apologia for state-mandated meddling in the lives of its citizens (“if you have nothing to hide then you have nothing to fear”) is “fallacious and dangerous.”

According to the report, published ahead of an international privacy conference held in London last week, “the combination of CCTV, biometrics, databases and tracking technologies can be seen as part of a much broader exploration, often funded with support from the US/UK ‘war on terror,’ of the use of interconnected ‘smart’ systems to track movements and behaviours of millions of people in both time and space.” The publication of the report prompted Mr Thomas himself to comment that the concerns he raised two years ago that “we are sleepwalking into a surveillance society” are rapidly becoming a reality, adding “today I fear that we are in fact waking up to a surveillance society that is already all around us.”

It is a well-documented fact that Britain has long had a truly astounding number of CCTV cameras – more than any other country in the world. With an estimated 4.2 million cameras across the country, 1 camera for every 14 people, Britain is officially the most watched nation on planet earth. To put it another way, 20% of the entire world’s CCTV cameras are in Britain, with the result that if you live in a town or city in this country your face is likely to be caught on more than 300 cameras each day.

During the 1990s the Home Office reportedly spent 78% of its entire crime prevention budget on installing these cameras, equating to well over £500 million. In spite of this, a recent Home Office study concluded that “CCTV schemes have had little overall effect on crime levels,” and that “improved street lighting would have been a better investment.”

On Campaigns of Opposition to ID Card Schemes - Excellent and easy to read article on public revolts to national ID cards.

Privacy and Secure Identification Systems - white paper by Smart Card Alliance.

Surveillance and Society - Dataveillance Issues and Concerns - promotes understanding of surveillance in society.

Biometric Driver's License to Become National ID Card? - article

Critics Wary of Biometric Smart Cards - article

Biometric Watch Links to Privacy Issues - articles and links

Parents protest radio ID tags for students - CNN article

Privacy advocates warn about the new Australian Medicare Smartcard, describing it as an insecure and technologically inept implementation. article 02/05