Doubts raised over biometric passports
By Carl Meyer
The government’s plan to roll out biometric passports next year has been cast in doubt after previous efforts resulted in soaring costs and revised deadlines. At the same time, privacy experts are castigating the government for ignoring security risks in its push to bring the project to bear.
Two weeks ago, the Throne Speech reiterated the government’s 2008 budget pledge to create a nationwide biometric passport by 2011, claiming that the new feature will “significantly improve security.”
The “e-passports” will contain a computer chip embedded in the back cover that will contain a digital version of the holder’s personal information, says Passport Canada, and the objective is to protect against identity fraud, tampering, and illegal immigration.
But the Office of the Privacy Commissioner of Canada, in its annual report to Parliament last November, rejected the office’s plan to record fingerprints or iris scans. It also cited continued risks of e-passport hacking, wireless interception and the misuse of personal data by foreign governments.
Experts familiar with biometric technologies are fuming that, despite the government’s suggestion that it will hold public consultations this spring, it intends to forge ahead with the national rollout in 2011.
“It’s really popular security theatre, to make it look like we’re doing something,” said University of Ottawa Institute of Women’s Studies assistant professor Shoshana Magnet, who has written extensively on surveillance technologies, including a chapter in the 2009 book “On The Identity Trail.”
The fallibility of biometric technologies is “well known within the literature,” she said, and, as a result, “people should be much more skeptical.”
Passport Canada spokesperson Jean-Sébastien Roy insists that the e-passport “will be a highly secure and internationally respected travel document.”
The office has heard these concerns, he said, and, as a result, the chip will be readable from only ten centimeters away, and only with “special scanners.”
As well, as of January, the office has issued over 20,000 diplomatic or special passports containing the biometric chip, and “so far no difficulties have been reported,” he said.
Mr. Roy also disagreed with the notion that the technology has been demonstrated to fail, suggesting the chip “will be very hard” to break into, and noted that “it meets the security standards issued by the [International Civil Aviation Organization].”
University of Toronto professor Andrew Clement, involved with that university’s Canadian Identity Forum, said that the deferral to ICAO standards is an example of the government passing the buck.
“A country that wants to pursue a policy that would be unpopular with their own citizens then goes to an international forum, which then sets it as a standard, which the country then has to implement,” he said.
“That’s exactly what seems to have happened with biometric passports and ICAO. The Americans and others went to ICAO and said, ‘We need to include biometrics in passports,’ and they pushed that through in 2003.”
Another issue is what’s known as “function creep,” the notion that biometric data, although intended to be acquired according to Canadian privacy law, could find its way across borders to less secure environments.
The privacy commissioner’s report stated that “the potential to build databases aimed at speeding border control processes and tracking travellers across national boundaries” is a significant concern.
“The US in particular is keen to collect these and they’re under no obligation to maintain what we would consider the normal privacy standards,” said Mr. Clement.
The United States and the European Union already issue biometric passports. But the security of the EU passport was called into question recently after the murder of a Hamas agent rumored to be conducted by Israeli intelligence agents was carried out using counterfeit EU and Australian passports.
Despite other countries offering the service, both Mr. Clement and Ms. Magnet called the necessity of biometric passports into question, saying the Canadian passport as it stands today is sufficiently secure, and the promise of increased protection against identity fraud is not clear.
“People have been able to clone these passports, basically able to re-write the information on the chip, to make it look like it’s somebody else. It doesn’t solve that problem,” said Mr. Clement.
Short URL: http://tinyurl.com/yl5g2l9