Loss of Privacy

The Nigerian Immigration Service plans to build a database of biometric information for reference purposes and will begin registering with African expatriates living in Nigeria.

A statement reviewing its activities in 2009 and projections for 2010 made available to newsmen in Abuja said that in the area of internal security, “the NIS shall commence the biometric registration of non-Nigerians in the country beginning with Africans, in the first quarter of 2010. The purpose of starting with Africans is because the NIS already has a data base for Non-Africans. The equipments have been configured and a test-run, conducted, while operational vehicles have been purchased.

“The objective of the registration is to have a data base of all foreigners resident in Nigeria for reference purpose. It will not be an exercise to remove illegal aliens, but a programme that will be of immense benefit for aliens as there will be official records to prove that they are resident in Nigeria and therefore entitled to Federal Governments protection and other benefits that accrue to them in line with international practices.

The objective of the visa review also includes placing Nigeria in a position to benefit from the global upswing in tourism, divest Foreign Direct Investment (FDI) to create more job opportunities for Nigerians and reinforce professionalism and work ethics by transforming the entire visa issuance process to be technologically driven, simple and convenient without compromising national security.

According to the statement, the Comptroller-General of Immigration, Mr. Chukwurah Udeh, promised to consolidate on the success of the e-passport amongst other programmes. “The e-passport will be issued in more Nigerian missions abroad. Very importantly, with effect from December 31, 2010, the Machine Readable Passport (MRP) will cease to be a valid travel document. Consequently, from the January 1, 2011, only holders of the e-passport will be allowed to travel out of Nigeria”.

While this is intended as a way to better track people immigrating to Nigeria and for the Nigerian government to know who is in the country, the removal of all MRPs is a curious one. While MRPs are being phased out, there are still some people who have them from other countries where they do not expire in 2010. My passport, for instance, expires in 2013 and is an MRP. I will not have the new RFID type passport until then. I wonder if I would be stuck in the country if I went to visit and tried to leave again.

The leaked promotional video from INDECT indicates that the EU has plans for massive data mining while ignoring privacy issues.

Watermarking of published digital works such as film, audio, or other documents is discussed in the Project INDECT remit; its purpose is to integrate and track this information, its movement within the system and across the Internet.

The simplified example of the system in operation shows a file of documents with a visible INDECT-titled cover stolen from an office and exchanged in a car park. How the police are alerted to the document theft is unclear in the video; as a “threat”, it would be the INDECT system’s job to predict it.

Throughout the video use of CCTV equipment, facial recognition, number plate reading, and aerial surveillance give friend-or-foe information with an overlaid map to authorities. The police proactively use this information to coordinate locating, pursuing, and capturing the document recipient. The file of documents is retrieved, and the recipient roughly detained.

An expansion is currently underway that will develop the FBI’s current fingerprint collection database into a new biometrics system that includes DNA, facial recognition, palm prints and voice scans.

The plan is to share this data with authorized U.S. and international investigative partners, as the agency does today.

The FBI’s current IAFIS database remains a workhorse; it processes about 200,000 daily transactions from its 370 million 10-fingerprint records, and it just crossed the 250 million transaction mark

The next-generation FBI database system is under design by Lockheed Martin, with MorphoTrak and others, and is expected to include DNA, iris scans, advanced 3-D facial imaging and voice scans among its multi-modal biometrics. Lower turnaround times for delivering information over wide-area networks are planned. The goal is to drop from a roughly two-hour response time for IAFIS urgent requests to less than 10 minutes.

The FBI is already moving into new areas, including setting up a palm-print repository and searchable databases for scars, marks and tattoos that it will be collecting.

The FBI, under the DNA Fingerprint Act of 2005, is now allowed to collect reference-sample DNA material for biometrics analysis purposes at the time of booking, Grever said. “DNA has become a powerful and timely tool,” said Grever, adding there are no “privacy or civil liberties issues beyond those associated with fingerprints.”

Given that DNA can be fabricated, how accurate is this new biometric database going to be?  Given that they’re tracking everything else about you, it won’t be long before whatever makes you “you” is in a database somewhere.

The UK’s Home Office has already started a reciprocal exchange program with Canada and Australia in which fingerprint data of  asylum seekers, foreign criminals, and migrant workers are used to investigate those who are under suspicion by the UK government.  The US and New Zealand are expected to join soon.

“This new agreement will help us identify and remove individuals whose identities were previously unknown but also improve public safety through better detection of lawbreakers and those coming to the UK for no good,” UK Border Agency deputy chief executive Jonathan Sedgwick said in a Home Office statement.

In the first year of the agreement, each country will have access to 3,000 sets of fingerprints with partner countries, a figure that is expected to rise as the scheme progresses.

The project will use encryption and other security tools to protect all shared files, the Home Office said. As a privacy measure, it will ensure that all fingerprints remain anonymous and cannot be linked to an individual unless a match is detected. In addition, there will be no database of collected fingerprints and all prints will be destroyed once a check has been made.

If the fingerprints are destroyed once a print is made, then how do they expect the database to increase?  Oh that’s right.  They aren’t going to destroy them, they’ll just say they did and say, “Oops,” when they get caught later, when it’s too late.

A team of researchers at the University of Southampton, UK has received funding to determine whether or not the human ear can be used like fingerprints and retinas as a biometric identifier.  The scientists intend on generating sounds by using the otoacoustic emissions, the ear-generated sounds that emanate from within the spiral-shaped cochlea in the inner ear, and then determine if those sounds can be used as a viable biometric technology.

Typically, sounds entering the ear cause these outer hair cells to vibrate, and these vibrations are converted to electrical signals which are transmitted along the auditory nerve, allowing the sound to be sensed. Crucially, these cells also create their own sounds as they expand and contract.

That’s because “hearing is an active process – the ear actually puts energy into the incoming sound waves to replace energy lost as sound is absorbed by the ear’s structure”, says Stephen Beeby, an engineer at the University of Southampton, UK, who is leading the research. “This process helps us hear things we otherwise would not, but as a result some of the energy added by the hair cells escapes as OAEs.”

If those noises prove unique to each individual, it could boost the security of call-centre and telephone-banking transactions and reduce the need for people to remember numerous identification codes. Stolen cellphones could also be rendered useless by programming them to disable themselves if they detect that the user of the phone is not the legitimate owner.

There are a number of problems that must be dealt with, he says. In subjects that have been drinking alcohol, for example, emissions are deadened. And different drugs alter the amplitude of OAEs, as do ear infections or wax build-up.

I suspect that this identification method has a long way to go.  If it needs to be recorded to authenticate, then it, too, will be easily spoofed just as the other forms of biometric identification have been.  If such a system is used, then one must always remember that identity and authentication should always be kept separate.