Biometric Identifiers

• Background |
• News Items |
• Resources |
• Previous Top News

Latest News/Events

• EPIC, Coalition Calls for Surveillance Reforms in Response to DOJ Surveillance of Congress and Reporters + (Jun. 18, 2021)
  In a coalition letter, EPIC and more than twenty civil society groups called for reforms to surveillance statutes authorizing collection of sensitive information and gag orders. The letter follows recent revelations that the Department of Justice spied on members of Congress and the press by collecting their communications and issued gag orders to hide that surveillance. The coalition also called for a thorough investigation by Congress and the DOJ. EPIC recently endorsed a bill to stop government use of facial recognition and other biometric surveillance tools.
• Senator Markey Introduces Bill to Ban Face Surveillance + (Jun. 15, 2021)
  Senator Edward J. Markey (D-Mass.), along with Senators Merkley, Sanders, Warren, and Wyden, as well as Congresswomen Jayapal, Pressley, and Tlaib today introduced legislation to stop government use of biometric surveillance, including facial recognition tools. The Facial Recognition and Biometric Technology Moratorium Act prohibits the use of facial recognition and other biometric technologies by federal agencies, including Customs and Border Protection. "Facial recognition poses a significant threat to our democracy and privacy," said Caitriona Fitzgerald, Deputy Director, Electronic Privacy Information Center (EPIC). "Facial recognition technology has been shown time and time again to be biased, inaccurate, and disproportionately harmful to people of color. The Facial Recognition and Biometric Technology Moratorium Act of 2021 would effectively ban law enforcement use of this dangerous technology. EPIC is proud to support it.” EPIC leads a campaign to Ban Face Surveillance and through the Public Voice Coalition has gathered support from over 100 organizations and experts from more than 30 countries. Recently, in an open letter EPIC and a coalition of more than 175 civil society organizations and prominent individuals called for "an outright ban on uses of facial recognition and remote biometric recognition technologies that enable mass surveillance and discriminatory targeted surveillance."

• Biden Administration Abandons DHS Plans to Expand Biometric Collection + (May. 11, 2021)
  According to a news report, the Biden Administration plans to rescind a proposed rule to massively expand the collection of biometric information from immigrants. The rule, proposed towards the end of the Trump Administration, would have granted the Department of Homeland Security broad authority to collect biometric data from immigrants and their families and associates. The rule would have enabled the collecting of palm prints, iris images, voiceprints, DNA, and images for facial recognition regardless of age. In comments to the Department of Homeland Security, EPIC opposed the rule and urged the agency to rescind the proposed rule. EPIC argued that DHS']s broad authorization to collect biometrics was incompatible with the Department's Fair Information Practice Principle. EPIC also specifically called on the agency to suspend the use of facial recognition technology. Last year, EPIC, joined by over 40 organizations called for the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

More top news

EPIC, Coalition Urge DHS to Rescind CBP's Proposed Biometrics Rulemaking + (Mar. 10, 2021)

In a letter to Secretary of Homeland Security Alejandro Mayorkas, EPIC and a coalition of civil rights, civil liberties, immigrant's rights, technology, and privacy organizations urged the agency to rescind a Notice of Proposed Rulemaking massively expanding Customs and Border Protection's (CBP's) use of biometrics, and to suspend the use of facial recognition across DHS. The NPRM was originally issued November 19, 2020 and re-published on February 9, 2021 in a sign that DHS and the Biden Administration intend to go forward with the rulemaking. EPIC submitted comments on the original NPRM, urging CBP to suspend its use of facial recognition, or in the alternative use only 1:1 face comparison. Earlier, EPIC voiced opposition to a broader DHS rulemaking authorizing widespread use of biometrics, including facial recognition, throughout the agency.

EPIC, Coalition Call on Biden Administration to Abandon "Virtual Border Wall," Invest in Migrant Communities + (Feb. 25, 2021)

In letter to the Biden administration, EPIC and a coalition of 40 privacy, immigration, and civil liberties organizations urged the administration to abandon the proposed U.S. Citizenship Act of 2021 as an extension of the Trump administration's border policy. The proposed legislation would direct DHS to deploy a bevy of biometric and other surveillance technologies at points of entry and along the southern border. The letter describes how such technologies endanger the lives of migrants by pushing them onto more dangerous travel routes. The use of surveillance technologies at the border inevitably extends into the interior, where they are deployed against protesters, communities of color, and indigenous peoples. EPIC recently urged DHS to rescind a proposed rule increasing the agency's collection of biometric information.

EPIC, Coalition Urge NYPD to Limit Use of Surveillance Technologies and Disclose More Information on Their Use + (Feb. 25, 2021)

In comments to the New York Police Department, EPIC called for meaningful limits on the use of mass surveillance technologies including facial recognition, airplanes and drones, automated license plate readers, and social media monitoring tools. EPIC also joined with privacy and civil liberties advocates and academics in coalition comments urging the NYPD to make a good faith effort to meet the requirements of the Public Oversight of Surveillance Technologies (POST) Act. The POST Act requires the NYPD to publish impact statements and use policies for 36 surveillance technologies. The Department's draft policies fail to disclose necessary information including detailed data storage, retention, and auditing practices, do not name the vendors of these technologies, and gloss over systemic racial discrimination in the use of these technologies with boilerplate language. The disclosures illuminate the use of technologies by the NYPD that enable mass surveillance and have extensive documented risks of bias and inaccuracy. EPIC leads a campaign to Ban Face Surveillance, and through the Public Voice coalition gathered support from over 100 organizations and experts from more than 30 countries.

EPIC Urges NIST to Adopt Privacy-Protective Standards for Federal ID Cards + (Feb. 2, 2021)

In comments responding to the National Institute of Standards and Technology's draft Federal Information Processing Standards for personal identity verification (ID cards and digital identity verification), EPIC urged the agency to adopt more privacy protective technology for federal employees and contractors. EPIC drew upon expertise from the Advisory Board for these comments. EPIC recently urged the Department of Homeland Security to suspend a new counterintelligence system of records which will collect biometric information. EPIC previously urged the Department of Transportation to provide more privacy protections for federal employees in the Insider Threat database.

Hamburg DPA Deems Clearview AI's Biometric Photo database Illegal, Orders a Partial Deletion of Profile + (Jan. 28, 2021)

The Hamburg Data Protection Authority has ruled that Clearview AI’s searchable database of biometric profiles is illegal under the EU’s GDPR and ordered the U.S. company to delete the claimant’s biometric profile. Clearview AI scrapes photos from websites to create a searchable database of biometric profiles. The database, which is marketed to private companies and U.S. law enforcement, contains over 3 billion images gathered from websites and social media. The claimant submitted a complaint to the Hamburg DPA after discovering that Clearview AI had added his biometric profile to the searchable database without his knowledge or consent. The DPA ordered Clearview to delete the mathematical hash values representing his profile but did not order Clearview to delete his captured photos. The DPA’s narrow order protects only the individual complainant because it is not a pan-European order banning the collection of any EU resident’s photos. The DPA decided that Clearview AI must comply with the GDPR, yet this narrow order places a burden on Europeans to have their profiles removed from the database. EPIC has long opposed systems like Clearview AI, filing an amicus brief before the 9th Circuit defending an individual's right to sue companies who violate BIPA and other privacy laws, submitting FOIA requests with several government agencies that use Clearview AI technology, and urgingthe Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

EPIC to Maryland Legislators: Enact Biometric Privacy Law + (Jan. 27, 2021)

EPIC Senior Counsel Jeramie Scott testified today to Senate and House Committees of the Maryland General Assembly in support of legislation protecting biometric information privacy. HB218 and SB16 are modeled after the Illinois Biometric Information Privacy Act (BIPA). Passed in 2008, BIPA has been referred to as one of the most effective and important privacy laws in America. "Unlike a password or account number, a person’s biometrics cannot be changed if they are compromised," EPIC told the Committees. EPIC stressed the importance of strong enforcement measures in privacy laws, particularly a private right of action. EPIC also submitted a recent case study on the Illinois law written by EPIC Advisory Board member Woody Hartzog. EPIC previously filed an amicus brief in Rosenbach v. Six Flags, where the Illinois Supreme Court unanimously decided that consumers can sue companies that violate the state's biometric privacy law. [Watch the hearing]

EPIC Urges DHS to Suspend New Counterintelligence Records System + (Jan. 13, 2021)

EPIC submitted comments to the Department of Homeland Security in response to a system of records notice and proposed exemptions from Privacy Act requirements for a new counterintelligence records system. DHS's proposed records system would permit nearly limitless collection of sensitive personal information and unchecked disclosure of that information to state, local and international agencies, and to private companies. DHS's proposed exemptions would eliminate all individual rights under the Privacy Act and exempt DHS from basic Privacy Act requirements, including limiting data collection to necessary information. EPIC recently insisted that DHS rescind a proposed expansion of the use of biometrics, including facial recognition, across the agency.

EPIC Urges CBP to Halt Use of Facial Recognition for Biometric Entry/Exit + (Dec. 21, 2020)

EPIC submitted comments to U.S. Customs and Border Protection (CBP) in response to a Notice of Proposed Rulemaking that would drastically expand CBP’s use of facial recognition at airports and land border crossings. EPIC urged the agency to stop using facial recognition to identify travelers. EPIC criticized CBP’s implementation of Biometric Entry/Exit for the agency's failure to even follow its own Fair Information Practice Principles. EPIC recently insisted that DHS rescind a proposed expansion of the use of biometrics, including facial recognition, across the agency. Earlier this year, an EPIC-led coalition called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

EPIC Urges Advisory Council to Address Privacy Risks of DHS’s Use of Biometrics + (Dec. 11, 2020)

In response to a report by the Homeland Security Advisory Council’s Biometric Subcommittee, EPIC urged the Council to table the report until they can address the privacy and civil liberties implications of the Department of Homeland Security’s collection and use of biometrics in full. The Biometric Subcommittee was tasked with examining DHS use and collection of biometrics. The Subcommittee’s report failed to address a rule proposed in September that would broadly expand DHS use of biometrics. EPIC previously argued that the proposed rule, giving DHS broad authorization for biometric collection, was incompatible with the department's Fair Information Practice Principles.

EPIC Opposes DHS's Plans to Broadly Expand Biometric Collection + (Oct. 14, 2020)

In comments to the Department of Homeland Security and U.S. Citizenship and Immigration Services, EPIC urged the agency to rescind a proposed rule to broadly permit DHS to collect biometric from immigrants, their families, and associates. DHS's rule would enable the collection of palm prints, iris images, voiceprints, DNA, and images for facial recognition. EPIC argued that DHS's broad authorization of biometric collection was incompatible with the department's Fair Information Practice Principles. EPIC also specifically called on the agency to suspend the use of facial recognition technology. EPIC previously urged DHS to extend the comment period on this NPRM from 30 days to a standard 60-days for major rulemakings. EPIC consistently opposes biometric collection at DHS. In April EPIC urged DHS to narrow both the use and Privacy Act exemptions for its Insider Threat Database linking biometrics to personal information. Earlier this year, EPIC, joined by over 40 organizations called for the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

Background

The tragic events of September 11, 2001, have led to a closer examination of security measures that might have foiled those devastating attacks and that might prevent similar attacks in the future. Prominent among the various measures being considered is the use of devices that check a person's identity using biometric identifiers such as fingerprints, iris/retina, or facial patterns. Soon after the attacks, Larry Ellison, head of California-based software company Oracle Corporation, advocated the deployment of mandatory national ID cards with fingerprint information to be matched against a national database of digital fingerprints to confirm the identity of the card's carrier. There have been recent discussions between the United States and the European Union concerning the creation of biometric passports.

Biometric identifiers are of course widely used by people to identify each other ñ one might recognize a friend by the sound of her voice, the color of her eyes, or the shape of her face. Devices using biometric identifiers attempt to automate this process by comparing the information scanned in real time against an "authentic" sample stored digitally in a database. The technology has had several teething problems, but now appears poised to become a common feature in the technological landscape.

The most widely used biometric is the fingerprint identifier. A June 2004 report by National Institute of Standards and Technology (NIST) showed that one-fingerprint identification systems had an accuracy rate of 98.6 percent, while the accuracy rate rose to 99.6 when two fingerprints were used and 99.9 when four, eight and ten fingerprints were used. The report also showed that the accuracy rate for fingerprint identification drops as the age of the person increases, especially for those more than 50 years old.

The United States Visitor and Immigrant Status Indicator Technology (US-VISIT) program marked its first anniversary in early January and extended its entry/exit biometric capturing system to 50 of the busiest land ports of entry. The system requires two digital index finger scans as well as a digital photograph of the visitor, which are intended to verify identity and are compared to a vast network of government databases.

There are significant privacy and civil liberties concerns regarding the use of such devices that must be addressed before any widespread deployment. Briefly there are six major areas of concern:

Storage. How is the data stored, centrally or dispersed? How should scanned data be retained?

Vulnerability. How vulnerable is the data to theft or abuse?

Confidence. How much of an error factor in the technology's authentication process is acceptable? What are the implications of false positives and false negatives created by a machine?

Authenticity. What constitutes authentic information? Can that information be tampered with?

Linking. Will the data gained from scanning be linked with other information about spending habits, etc.? What limits should be placed on the private use (as contrasted to government use) of such technology?

Ubiquity. What are the implications of having a electronic trail of our every movement if cameras and other devices become commonplace, used on every street corner and every means of transportation?

News Items

• Your Local Cops Now Use Iraq’s Iris Scanners
, Wired Magazine, December 20, 2010.
• DHS boosts E-Verify with links to passport photo database, Federal Computer Week, November 12, 2010.
Why no one wants DHS to play cyber mall cop, Federal Computer Week, July 22, 2010
• Biometric answer to ID fraud has limits: expert, Reuters, March 8, 2010.
• E-Verify fails to catch half of unauthorized workers, study reveals, Federal Computer Week, March 3, 2010.
• Trials of full-body scanners at Delhi airport from May, The Times of India, February 3, 2010.
• Smartmatic and Cross Match Technologies to Supply Mexico’s National Register Technology and Infrastructure, IT News Online, January 14, 2010.
• EU plans to fingerprint foreigners to beef up borders. Reuters, February 13, 2008.
• Lockheed Gets $1 Billion FBI Biometrics Contract. Information Week, February 13, 2008.
• a href="http://washingtontechnology.com/articles/2008/02/07/three-giants-compete-for-fbi-biometric-deal.aspx">Three giants compete for FBI biometric deal, February 8, 2008.
• Manchester Airport launches staff biometrics. ZDNet, January 23, 2008.
• FBI wants instant access to British identity data. The Guardian, January 15, 2008.
• Customs to collect visitors' 10 prints. USA Today, December 3, 2007.
• School security cameras go cutting edge. USA Today, November 1, 2007.
• 'Kiddyprinting' takes off in Scots schools. Sunday Herald, October 7, 2007.
• U.S. is building database on Iraqis. USA Today, July 12, 2007.
• Iraqis' phony IDs mask links to Shiites, Sunni. Star-Telegram.com, June 24, 2007.
• Backgrounder: A National ID Program for Iraq? New York Times, May 29, 2007.
• At Checkpoints in Baghdad, Disguise Is a Lifesaving Ritual. Washington Post, Sept. 29, 2006.
• To Stay Alive, Iraqis Change Their Names. New York Times, Sept. 6, 2006.
• Biometrics unreliable, says EU privacy head. CNet News, March 15, 2006.
• Co-op supermarkets introduce pay-by-touch. Reuters UK, March 9, 2006.
• Online assessments and biometrics used in new immigration system. Computer Weekly, March 8, 2006.
• Oxford Co-ops test fingerprint payments. Silcon.com, March 8, 2006.
• Biometrics at the Disney Gates. Secure ID News, March 2, 2006.
• Forgot your passwords? Try using your heart. Forbes, Februrary 24, 2006.
• Researchers Use Fingerprints to Secure Networks. NetworkWorld, February 24, 2006.
• Biometrics used to protect Germany’s Olympic athletes. Computerworld, February 22, 2006.
• U.K. e-passports start their travels. CNet News, February 21, 2006.
• Biometrics struggles to go mainstream. VNUNet, February 17, 2006.
• Brown backs biometrics. Silicon.com, February 14, 2006.
• Biometrics use to accelerate in 2006. ZDNet News, February 2, 2006.
• DHS taking second look at iris scans for Registered Traveler. GCN, January 30, 2006.
• Nursery installs fingerprint ID system. Telegraph, January 18, 2006.
• U.K. cops look into face-recognition tech. ZDNet News, January 17, 2006.
• Police build national mugshot database. Silicon.com, January 16, 2006.
• E-passport testing begins at San Francisco International Airport. Contactless News, January 16, 2006.
• Biometrics deal: Viisage paying about $770 million in stock for Identix. Associated Press, January 12, 2006.
• New biometrics group focuses on frequent fliers. GovExec News, January 9, 2006.
• Minnesota To Use Biometrics On IDs. St. Paul Pioneer Press, January 6, 2006.
• Gov't to use biometrics to better security. Miami Herald, January 5, 2006.
• Mexico hires biometrics companies to beef up prison security. Associated Press, January 4, 2006.
• U.S.Visit biometrics up and running, on time. Washington Technology, December 30, 2005.
• New biometrics software looks for sweat. ZDNet News, December 21, 2005.
• Outside View: Biometrics for security. UPI, December 18, 2005.
• Boffins use Play-Doh to fool biometrics. VNUNet, December 13, 2005.
• Ridge: Terrorist Threats Spur Tech. Internet News, December 7, 2005.
• Fingerprint, iris scans for airport employees. Toronto Star. December 7, 2005.
• Home secretary sets out business case for ID cards. VNUNet, November 23, 2005.
• Biometrics calm US web shoppers. Silicon.com, November 21, 2005.
• Decision on smart-card biometrics due soon. Government Computing News, November 18, 2005.
• Biometrics Goes CE. Electronic News, November 16, 2005.
• TSA releases guidance on biometrics for access control. Government Computing News, November 15, 2005.
• Smiling Germans ruin biometric passport system. VNUNet, November 10, 2005.
• First biometric passports issued to diplomats. Silicon.com, November 8, 2005.
• Thousands of businesses to be authorised to make biometric checks on customers. Computer Weekly, November 1, 2005.
• Chief scientist to put ID biometrics under the microscope. Telegraph, October 26, 2005.
• Biometrics beyond borders. ZDNet News, October 25, 2005.
• Experts call for global biometrics agency. ZDNet News, October 21, 2005.
• 2,500 people to test ID card biometrics. Silicon.com, October 20. 2005.
• Cashing in on security. Washington Times, October 19, 2005.
• Government plans to test biometrics at the border. Globe and Mail, October 17, 2005.
• ID card technology 'difficulties.' Scotsman, October 16, 2005.
• Exclusive: NSW Police eye roadside fingerprint biometrics. Computerworld, October 14, 2005.
• Sticky fingers could scupper UK ID card biometrics, warn experts. Computer Weekly, October 13, 2005.
• Alaska-Canada border policy changed. Fairbanks Daily News-Miner, October 11, 2005.
• Biometrics not ready for prime time, says Europe. Silicon.com, October 7, 2005.
• Australia Tests Biometrics at Airports as Part of Immigration Program. Associated Press, September 29, 2005.
• Sydney airport to trial biometrics. ABC News, September 29, 2005.
• Biometrics curing password headaches. Silicon.com, September 28, 2005.
• Biometric Imaging Faces a Reality Check. Advanced Imaging, September 26, 2005.
• Smart ID Cards Debated. IDG News Service, September 14, 2005.
• Rutgers Turns to Biometrics For Lab Acces. InformationWeek, September 13, 2005.
• Biometrics roadshow kicks off ID cards charm offensive. Silicon.com, September 12, 2005.
• Fingerprint scans to be used at Canadian airports. Canadian Press, August 30, 2005.
• UK to incorporate new biometric standards. ZDNet, August 29, 2005.
• Israel uses hands-on approach for trusted travelers. FCW, August 29, 2005.
• IBM works toward replacable biometrics. IDG News Service, August 17, 2005.
• New border program gets mixed reviews. Daily Bulletin, August 10, 2005.
• The State Of Surveillance. Business Week, August 8, 2005.
• Surveillance Society: The Experts Speak. Business Week, August 8, 2005.
• Biometrics make people wary. Globe and Mail, August 2, 2005.
• Soft-drink giant deploys biometrics. ITWeb, July 28, 2005.
• GSA wants specifics on smart cards, fingerprint biometrics. Government Computing News, July 27, 2005.
• Justice seeks faster fingerprint tech. FCW, July 19, 2005.
• Labor concerned at fingerprint ID plan. ABC News, July 19, 2005.
• Transit group seeks $6B to bolster transportation security. Computerworld, July 14, 2005.
• UK Wins Push for Anti-Terrorism Information Sharing. EGov Monitor, July 14, 2005.
• UK EU presidency aims for Europe-wide biometric ID card. Register, July 13, 2005.
• Banks to establish standard system for biometrics identification. Asahi, July 12, 2005.
• Biometrics puts security at a user's fingertips. San Francisco Chronicle, July 11, 2005.
• Police back system, despite the results. Virginian-Pilot, July 10, 2005.
• Germany moves forward with e-passports. Government Computing News, July 8, 2005.
• German Airline Tests Biometric Tickets. Associated Press, July 6, 2005.
• Biometrics won't deter passport fraudsters chief admits. Register, July 1, 2005.
• Forget fingerprints and eye scans; the latest in biometrics is in vein. ComputerWorld, June 29, 2005.
• Interview transcript: Head of UK Passport Service. Financial Times, June 29, 2005.
• UK to outsource biometric visa checks to Mumbai. Register, June 27, 2005.
• Biometrics companies scan a lucrative market. Financial Times, June 27, 2005.
• Biometrics get handheld with laptops. Arkansas Democrat-Gazette, June 27, 2005.
• Chicago Libraries to Require ID Check for Internet Use. NPR, June 26, 2005.
• Airport to test pilot program for screening of passengers. Miami Herald, June 26, 2005.
• Registered-traveler program works out its kinks. Orlando Sentinel, June 24, 2005.
• State tells lawmakers biometrics will ensure identity. Government Computing News, June 23, 2005.
• Biometrics ID system debuts at Orlando International Airport. Associated Press, June 22, 2005.
• Pay By Touch sees biometrics as key to secure transaction. Business Journal, June 17, 2005.
• US delays biometric passports for 27 countries until 2006. EU Business, June 16, 2005.
• ID Cards on Trial: Police chief questions biometrics. Silicon.com, June 16, 2005.
• US delays use of biometric passports for EU travelers to 2006. Agence France-Presse, June 15, 2005.
• Airport to Adopt Biometrics Security System. Korea Times, June 15, 2005.
• Finger-scan systems coming to Carolinas. Charlotte Observer, June 15, 2005.
• U.S. to scale back passport standards. Associated Press, June 14, 2005.
• British opposition to identity cards growing. New Zealand Herald, June 14, 2005.
• Iris Pushes e-Passport to Combat Terrorism. Nikkei Electronics Asia, June 14, 2005.
• Job seekers increasingly fingerprinted. Wall Street Journal, June 13, 2005.
• US expected to abandon Biometric passport plan. ElectricNews.Net, June 13, 2005.
• Secret rhythms: Firm finds security in keystrokes. Puget Sound Business Journal, June 12, 2005.
• Finger all some retailers need for payment. Washington Post, June 12, 2005.
• Ireland shelves biometric chip passport plans. Sunday Times, June 12, 2005.
• Customers Touched by Biometric Payments. Newsfactor Technology News, June 10, 2005.
• Fingerprinting for ID cards halted. Taipei Times, June 10, 2005.
• Costs Emerge for Biometric Visa Rollout. EGov monitor Newsdesk, June 9, 2005
• Plan For Voluntary Biometric ID Gets First Taker. Associated Press, June 8, 2005
• Biometrics: getting back to business, Computerworld, June 8, 2005.
• Traveler's card might just pave the way for a national ID card. USA Today, June 8, 2005.
• ID Cards on Trial: Minister defends "robust" biometrics. Silicon.com, June 7, 2005.
• Nature's barcode: Your fingerprints are increasingly being used for more than identification. Journal Times Online, May 27, 2005.
• Iowa passes child fingerprint act. Science Daily, May 21, 2005.
• DHS warns on passport upgrades. United Press International, May 13, 2005.
• US sets passport deadline. Australian IT, May 13, 2005.
• Cub Foods to pilot fingerprint payment system. Twin Cities Business Journal, May 13, 2005.
• U.S. bill sets tight driver's license rules. Chicago Tribune, May 11, 2005.
• Senate Backs Measure to Tighten ID Requirements. Washington Post, May 11, 2005.
• Senate approves electronic ID card bill. ZDNet News, May 10, 2005.
• States May Disobey Driver's License Rules. Associated Press, May 10, 2005.
• Controversial terror database closing down. Associated Press, April 15, 2005.
• MATRIX Pilot Project Concludes. News Release, April 15, 2005.
• French may have to buy compulsory biometric ID cards. IDG News Service, April 12, 2005.
• Fingerprint passports will be 'ID card by stealth.' Telegraph, April 12, 2005.
• Passport applicants must give fingerprints. Guardian, April 12, 2005.
• U.K. biometric ID cards bill shelved before election. IDG News Service, April 6, 2005.
• EU wants biometric passports delayed. Cnet News, April 1, 2005.
• Security and interop issues cause EU biometric passport delays. Register, April 1, 2005.
• Privacy International forges coalition calling on European Parliament to stop mass fingerprinting proposal. Privacy International, November 30, 2004.
• Concern over Biometric Passports. BBC News, March 30, 2004.
• Biometrics Benched for Super Bowl. Wired News, December 31, 2002.
• Privacy Still a Priority, Officials Say. Federal Computer Week, July 29, 2002.
• Biometric Passports Planned. Australian IT, May 15, 2002.
• Criminal Line-Ups Use Drivers' Photos: Senator wants state practice stopped as invasion of privacy. Denver Post, Mar. 6, 2002.
• A Surge in Demand to Use Biometrics.New York Times, Dec. 17, 2001.
• A Cautionary Tale for a New Age of Surveillance. New York Times, Oct. 7, 2001.
• Technology That Stands Out From The Crowd. Financial Times, Sept. 25, 2001.
• Terrorist Attacks Have Inspired Nationwide Interest In Surveillance. San Francisco Chronicle, Sept. 24, 2001.
• Databases May Be Used to Screen Air Travelers. Los Angeles Times, Sept. 20, 2001.
• Securing the Future. Los Angeles Times, Sept. 20, 2001.
• Biometrics; Exploring Technology to Protect Passengers With Fingerprint or Retina Scans. New York Times, Sept. 19, 2001.
• The Social Cost of Safety: Technology Can Help to Trap Terrorists But the Impact on Privacy is being Questioned. Financial Times, Sept. 19, 2001.
• No Silver Bullets: Giving Up Privacy for Security Will Leave Us With Neither. SF Gate, Sept. 18, 2001.
• Tech vs. Terrorism: Airports Look to New Technologies to Beef up Security. San Francisco Chronicle, Sept. 17, 2001.
• The Positive Side of Biometrics. Wired News, Sept. 5, 2001.

Resources

• U.S. Department of State Fact Sheet About Visa Waiver Program, Biometrics, and Machine-Readable Passports. April 7, 2005.
• EPIC's April Spotlight on Surveillance about ID cards with biometrics. April 1, 2005.
• EPIC's comments to the TSA's request for biometric guidance, March 17, 2005.
• Technical report (PDF) to the Council of European Union saying proposed biometric visa scheme is not feasible, November 11, 2004.
• EPIC's comments before the Department of the Treasury in the Matter of
  FACT Act Biometric Study, April 1, 2004.
• Letter (PDF) from civil liberties groups to International Civil Aviation Organization regarding their plans to include biometric identifiers such as fingerprints and facial scans on all newly issued electronic passports, March 30, 2004.
• EPIC's Face Recognition page.
• EPIC's National ID page.
• EPIC's July 2002 Congressional testimony concerning ID theft and biometrics, July 18, 2002.
• Use Of Biometric Identification Technology To Reduce Fraud In The Food Stamp Program: Final Report (PDF) ñ U.S. Department of Agriculture, December 1999.
• New Jersey State Assemblywoman Joan Quigley has introduced a bill to regulate biometric identifiers."
• Biometric Access Devices Put to the Test." From Heise Online.
• Connecticut Department of Social Services Biometric ID project (see their newsletter for latest biometric industry news).
• Analysis of biometric technologies from Deutsche Bank Research: "Biometrics-Hype and Reality" (PDF)
• Information on fingerprinting from onin.com.
• San Jose State University National Biometrics Test Center.
• Roger Clarke, an Australian privacy expert, has an excellent guide to the issues involved in the use of biometric identifiers. The guide also contains many useful links.
• Phil Agre, Associate Professor of Information Studies at UCLA, has put together an interesting collection of arguments and news stories about ubiquitous use of biometric identifiers, specifically face recognition cameras. Your Face is Not a Bar Code: Arguments Against Automatic Face Recognition in Public Places. Sept. 7, 2001.
• The Biometric Consortium serves as the US Government's focal point for research, development, test, evaluation, and application of biometric-based personal identification/verification technology. They also have a good collection of links to articles and other publications.
• The International Biometric Industry Association maintains a FAQ and links to other resources on biometric technology.Erik Bowman of Identix, a leading developer of biometric technology, describes biometrics from the industry perspective.
• The RAND Corporation published a short issue paper in mid-2001, entitled "Super Bowl Surveillance: Facing Up to Biometrics".
• The International Biometric Group, a leading integration and consulting firm in the biometric industry, has put together a brief in response to the terrorist attacks in which they caution against thinking of biometric devices as silver bullets and point out various limitations to the use of the technology. IBG's BioPrivacy Initiative.

Previous Top News

• Human Rights Organizations Urge US Secretary of Defense to Investigate Biometric Database of Iraqis. In a letter to Secretary of Defense Robert Gates, EPIC, Privacy International, and Human Rights Watch warn that a new system of biometric identification contravenes international privacy standards and could lead to further reprisals and killings. The groups cite the particular risk of identification requirements in regions of the world torn by ethnic and religious division. The groups also note a 2007 report from the Pentagon's Defense Science Board that said military use of biometric data raise substantial privacy concerns. For a discussion of identity systems and threats to privacy, see "Privacy and Human Rights Report 2005." See also Privacy International resources. (Jul. 27)
• Britain Increasing Use of Biometrics on Schoolchildren. The British Educational Communications and Technology Agency (BECTA) released guidelines for UK schools, "BECTA Guidance on the Use of Biometric Systems in Schools." BECTA explained that the collection of schoolchildren's fingerprints is covered under the Data Protection Act of 1998, care must be taken if such data is collected, and "schools have a duty to ensure that all the personal data they hold is kept secure." At the same time, the UK Information Commissioner's Office also issued guidance (pdf) on biometrics collection from schoolchildren, who can be as young as five years old. The Office agreed that such data collection was covered by the Data Protection Act of 1998 and told schools that they "should explain the reasons for introducing the system, how personal information is used and how it is kept safe." It is not known if parents fully understand that, when investigating a crime, the UK police are allowed to access schools' biometric databases without parental permission. (Jul. 23)
• U.S. Military Builds Biometric Database on Iraqis. USA Today reports that U.S. troops are using mobile scanners to capture fingerprints, eye scans, and input other personal data from hundreds of thousands of Iraqis. Although General Patraeus has indicated that the purpose is to identity insurgents, U.S. troops are stopping Iraqis at homes, checkpoints, workplaces, and "In several neighborhoods in and around Baghdad, troops have gone door to door collecting data." A March report (pdf) from the Pentagon's Defense Science Board said military use of biometric data raise substantial privacy concerns. For a discussion of identity systems and threats to privacy, see "Privacy and Human Rights Report 2005." See also Privacy International resources. (Jul. 18)
• Federal Air Marshals to Surreptitiously Photograph Travelers. The US Department of Homeland Security is investing in face recognition technology so that federal marshals can surreptitiously photograph people in airports, bus and train stations, and elsewhere to check whether they are in terrorist databases. The Los Angeles police department already is using handheld facial recognition devices. See EPIC's Video Surveillance page. (May 10)
• EPIC Recommends Against Use of Universal Identifiers. In comments (pdf) to the Federal Trade Commission, EPIC warned against using universal identifiers, such as biometrics, in authentication systems. EPIC explained that a biometric identifier cannot be changed by a victim once his or her identity has been breached -- a fingerprint is unalterable. "Any move toward universal identifiers, while potentially deterring amateur thieves, increases the potential for misuse once determined criminals steal that data," EPIC said. For more information, see EPIC's National ID Cards and REAL ID Act page. (Mar. 23)
• Joint Paper on Biometric Encryption Released. Information and Privacy Commissioner of Ontario, Dr. Ann Cavoukian, released a joint research paper with Dr. Alex Stoianov, an internationally recognized biometrics scientist. The paper, entitled, "Biometric Encryption: A Positive Sum Technology that Achieves Strong Authentication, Security AND Privacy," discussed how biometrics can be deployed in a privacy-enhanced way that minimizes the potential for surveillance and abuse, maximizes individual control, and ensures full functionality of the systems in which biometrics are used. The paper suggested that biometric encryption could address the privacy, security and trust problems of current biometric information systems. With biometric encryption, instead of storing a sample of one's fingerprint in a database, you can use the fingerprint to encrypt or code some other information, like a PIN or account number, or cryptographic key, and only store the biometrically encrypted code, removing the need to collect and store the biometric itself. (Mar. 14)
• European Commission Plans Multinational 'Centralised Database of Fingerprints.' The European Commission has revealed (pdf) that one of its "key actions envisaged for 2008" is "implementing a centralised database of fingerprints." The proposal for a massive database of fingerprints from all 27 EU countries prompted accusations of "Big Brother Europe." The database would include fingerprints of suspects and people released without charge, as well as those convicted of crimes. The cost and scope of the massive EU-wide fingerprint database are being assessed, but the goal is to create the database by the end of 2008. Questions remain about whether the third-party countries, such as the United States, would have access to this centralized repository of EU citizens' fingerprints. (Feb. 21)
• Prum Treaty Signatories Agree to Share Access to Fingerprint and Motor Vehicle Databases. Home Affairs ministers of signatories to the Prum Treaty agreed to share access to each nation's fingerprint and motor vehicle databases. Austria, Belgium, France, Germany, Luxembourg, Netherlands, and Spain signed the treaty in 2005. Italy, Finland, Portugal, Romania, Slovenia, and Sweden and Romania issued formal notification of their wish to sign, as well. This continues an expansion of international sharing of fingerprint data. The Philippines and the US are cooperating on a joint database. (Jan. 15, 2007)
• UK to Gather Biometrics From Foreign Nationals. The UK Home Office today announced a plan to "record[] biometrics for everyone from the 169 nationalities outside the [European Economic Area] applying to work, study or stay in the UK for more than six months, and for people from 108 nationalities applying to visit the UK," to be implemented by 2008. The UK plans (pdf) to record fingerprints and facial images and also plans to begin issuing biometric ID documents to foreign nationals by 2008. (Dec. 19)
• Police Increasingly Using Handheld Fingerprint Scanners. Traditionally, fingerprint biometrics have been used in law enforcement investigations of crimes; used in laboratories and courts to identify criminals. However, law enforcement has begun using fingerprint databases outside of these contexts. In Australia and the UK, police now carry handheld fingerprint scanners so that they can quickly identify people on the streets, such as drivers who are pulled over for a traffic violation or pedestrians "suspected" of criminal offenses. The police obtain "permission" from suspects, but the voluntariness of such permission is suspect, and then check for matches in a database containing 6.5 million fingerprints. The portable biometric devices used by Australian police are made by French electronics company Sagem and can hold up to 100,000 fingerprints. (Nov. 22)
• European Data Protection Supervisor Says Biometrics Are Unreliable. European Data Protection Supervisor Peter Hustinx criticized (pdf) the increasing usage of biometric identifiers and databases by governments. He said that fingerprint and DNA identifiers are too inaccurate. He also called for stronger data protection legislation for these large databases. (Mar. 10)
• Government to Test E-Passports in San Francisco. The Department of Homeland Security will begin testing e-Passports on Sunday at San Francisco International Airport. The e-Passports contain Radio Frequency Identification chips, which transmit information wirelessly. Testing conducted last year revealed that "contactless" passports impede the inspection process, according to documents (pdf) recently obtained by EPIC under the Freedom of Information Act. EPIC has urged (pdf) the agency to abandon the use of such technology in passports because of significant security and privacy issues. For more information, see EPIC's RFID page. (Jan. 13)
• Minnesota Will Begin Using Face Recognition on Driver's Licenses. Minnesota Gov. Tim Pawlenty has announced plans to add facial recognition technology to driver's licenses as part of a plan protect consumers from identity theft. This plan includes stronger criminal penalties for hackers and others who abuse access to personal data on computers. The state will scan photos on current driver's licenses to create the new facial recognition files. (Jan. 9, 2006)
  
• Australian Airport to Test Biometrics. The Australian Immigration minister announced a six-month biometrics trial at the Sydney airport. During the testing, fingerprints, iris scans, and facial data will be collected from selected travelers on a voluntary basis. About 9 million people per year enter and exit Australia. The trial is part of a four-year program of testing and implementing biometrics systems across different government departments. (Sept. 29)
• Australian Police to Carry Portable Fingerprint Scanners. New South Wales Police will begin using portable, handheld fingerprint scanners by the end of 2006. These portable biometric devices, made by French electronics company Sagem, can be used during routine traffic stops for on-the-spot identity checks. They hold up to 100,000 fingerprints, according to Sagem. (Oct. 14)
• More Biometric Information Gathered for US-VISIT. The Department of Homeland Security announced that it would expand the collection of biometric data from visitors entering the country through the US-VISIT program. From its inception in 2003, the US-VISIT program has used a two-fingerprint identification system, but Homeland Security now will begin collecting a full ten-fingerprint set from travelers. This expands the already vast amount of personal data accumulated by the program, including some data about U.S. citizens and legal permanent residents. This information includes complete name, date of birth, citizenship, country of residence, address while in the United States, and such other information. (July 13)
• Germany Approves Plan to Add Biometric Data to Passports. The German Parliament has approved a proposal to introduce new electronic passports containing biometric data. A chip will contain a digital picture of the traveler's face, and store fingerprints starting in March 2007. These new "ePass" passports will be issued beginning in November. The ePass uses a Radio Frequency Identification chip to store and transmit information to specialized readers that will be installed in all border stations. Officials say the chip can only be read by calculating a special access code when the booklet is opened. The new passports will cost German citizens 59 Euros ($71) each, more than double their current cost of 23 Euros ($27). (July 8)
• Lufthansa, Siemens Roll Out Biometric Ticketing System. Lufthansa, Germany's national airline and the third biggest in Europe, is testing biometric ticketing on 400 of its employees at Frankfurt Airport. The system, designed by Siemens, translates a thumbprint into a barcode at check-in. Then, before boarding, the barcode is scanned and matched with the passenger's thumbprint for verification. The pilot project is called "Trusted Traveler" and is expected to be widely implemented by 2006. Lufthansa says the program will be voluntary, but will encourage its frequent fliers to have the thumbprint barcode added to their frequent flier cards. (July 6)
• Orlando Airport Debuts Biometric ID Traveler System. Orlando International Airport has begun test operations of a registered traveler program. In exchange for an exclusive security line and a guarantee against random secondary pat-down check, travelers offer their biometric information, fingerprints and iris scans, and undergo a background check by the Department of Homeland Security. Program participants, who must pay an $80 annual fee, still must have bags screened and go through a metal detector. (June 27)
• US Backs Down on Biometric Passports for EU. Acknowledging international concerns, the United States will revamp its biometric passport requirements to make it easier for foreign travelers from friendly nations to enter the country without a visa. The new passport standards require digital photographs to match with a person's unique physical characteristics by October and an embedded identification chip later. However, the Department of Homeland Security still plans to require expanded biometric data in passports in the future. (June 14)
• Congress Passes Controversial ID Bill Without Debate. The Senate yesterday approved the supplemental military spending bill to which the REAL ID Act had been attached. The legislation mandates federal identification standards and requires states DMVs, which have become the targets of identity thieves, to collect sensitive personal information. Legislators in both parties urged debate and more than 600 organizations opposed the legislation. The new licenses would have more personal information than current licenses, and may include biometric identifiers. (May 11)
• EPIC Urges Privacy Review of Transportation Biometric ID. In comments filed today, EPIC urged the Transportation Security Administration to delay its test of biometric technology for transportation workers until it conducts a comprehensive Privacy Impact Assessment. The assessment should allow the agency "to ensure protection of the privacy rights of program members." EPIC said that the program must comply with the federal Privacy Act and noted that there are unique problems associated with biometric technologies, including the varying degrees of error, the risk of circumvention, and the likelihood of "mission creep." (Mar. 18, 2005)