Slashdot Mirror
Would a National Biometric Authentication Scheme Work?
Ian Lamont writes "The chair of Yale's CS department and Connecticut's former consumer protection commissioner are calling for the creation of a robust biometric authentication system on a national scale. They say the system would safeguard privacy and people's personal data far more effectively than paper-based IDs. They also reference the troubled Real ID program, saying that the debate has centered around forms of ID rather than the central issue of authentication. The authors further suggest that the debate has led to confusion between anonymity and privacy: 'Outside our homes, we have always lived in a public space where our open acts are no longer private. Anonymity has not changed that, but has provided an illusion of privacy and security. ... In public space, we engage in open acts where we have no expectation of privacy, as well as private acts that cannot take place within our homes and therefore require authenticating identity to carve a sphere of privacy.' The authors do not provide any suggestions for specific biometric technologies, nor do they discuss the role of the government in such a system. What do you think of a national or international biometrics-based authentication scheme? Is it feasible? How would it work? What safeguards need to be put in place?"
That turned out well, didn't it?
Understanding the scope of the problem is the first step on the path to true panic.
The summary talks about a common misconception, and manages to create another.
Authentication is when you identify(as in Identity) yourself, when you want to(say, to enter your home), or to get that 5% rebate at that place you like to eat at.
Anonymity is when someone else wants you to identify yourself, and you refuse.
Imputability is when someone's done something and 1) you want to Identify them properly, and 2) do something about some of the people you identify(presumably because something they did was wrong)
Anonymity is something private citizens like, in part because they don't much like imputability. That is when they do something, and it's not tied to their Identity.
Forcing someone to authenticate themselves is something the police, for one, likes, because
1) It prevents them from being blamed for mis-identifying someone
2) If they catch you doing something, and impute it once you authenticated yourself, they're fairly sure they impute it in such a way, it will follow you for a long long time(if they can impute your "identity" more on that later.
However, it has its drawbacks
1) If you authenticate yourself with falsified credentials, you get someone else blamed for your acts
2) It doesn't deal with the fact that you may be unable(damaged or lost credentials)/unwilling to identify yourself/automated systems may mis-indentify you
It doesn't solve the question of "Identity" itself either. Like when the no-fly list(falling under imputability) lists names(which can be the same for two people), leading to the same result as a falsified authentication.
Just a quick summary:
Identity: Who you are
Authentication: Proving who you are
Anonymity: Not having to say who you are
Imputability: Blaming who you are
The four are interlinked, but often confused, as in the article.
People interested in laws like RealID need to pay a lot more attention to distinctions between all four. Until the authentication part can be more more foolproof, the imputability is scary(you can be blamed for stuff you haven't done), the anonymity, well it's scary to those who'd rather deal with people they can identify(and therefore impute, think contracts to keep it in the white hat sphere). And the Identity, well that's the real problem. If you have a single, centralized database, any single mistaken Identity becomes life-altering, if not actually life-threatening(correcting someone's id with falsified credentials in order to make their lives a living hell? Yes, it can do that).
Does that bother you a little? I know it does me.