In her letter, Dr. Anne Cavokian offered to assist the Israeli government with ideas for securing biometric information and implementing technological measures to protect its privacy, in order to prevent real damage to the state's security and the basic rights of citizens.
Ontario's Privacy Protection Commissioner, Dr. Anne Cavokian, a world-renowned expert in information security and technological means to ensure privacy, warns that the biometric database promoted by the Israeli government will create a slippery slope to a "police state". In a letter to the member of the Public Council for the Protection of Privacy, Dr. Omar Tana, Dr. Kavokian states that the uses of the database are expected to expand due to the phenomenon of "function creep", and that the database will be a focal point for security breaches both on the part of unruly employees and on the part of attackers from outside.
Dr. Kavokian emphasizes that it is not enough to split the repository into two repositories to be located in different government ministries, as decided by the ministerial committee for legislative affairs. According to her, if one chooses to establish a biometric database, strict privacy protection measures must be implemented in the body of the database. She suggests testing the implementation of a technology called "biometric encryption", which allows the information to be encrypted using a key derived from the biometric data itself, so that the information will only be available in the presence of the person the information is about.
In her letter, Dr. Kavokian offered to assist the Israeli government with ideas for securing biometric information and implementing technological measures to protect its privacy, in order to prevent real damage to state security and the basic rights of citizens.
17 תגובות
http://www.ynet.co.il/articles/0,7340,L-3760209,00.html
One can understand the need for biometric identification documents and the initiative is welcome
But for the purpose of these documents the citizens of the country should not be sacrificed, they should not be endangered in the establishment
A database or several biometric databases that are known to be hacked anyway
And according to the State Comptroller's report, government transmitters failed to secure databases, one of which is online
Lucci:
you are not alone
It's just that the ongoing discussion on the subject is, in general, a heated discussion full of misunderstandings, and I decided that since that's the way it is, the discussion taking place here on the website has no effect on the decisions, so it's a shame on the nerves.
It's not that there isn't any risk on the subject - the danger of a police state does exist, but most of the discussion on the subject simply looks like a "discussion" of a mob.
You are welcome to read my responses in a previous discussion that took place here on the same topic:
https://www.hayadan.org.il/biometric-id-card-not-wrong-2006093/#comment-226499
light:
You did not understand.
The proposal you talked about is some idea for perfecting the protection of the biometric database and its starting point is that there is a biometric database.
Of course, Lucci did not express any objection to the improvement of the defense.
The advantages - as you can also see in the comments I wrote in the above link are many:
Criminals can be traced through a fingerprint left at the place of transfer or through photos taken by a security camera, it is much, much, much more difficult to forge an identity (in stark contrast to the far-fetched claim of some of the opponents of the idea) and therefore all your bank accounts will be more protected and in general it will be possible to guarantee a much higher probability It is high that any action that only certain people are authorized to perform can only be performed by these people.
New video on YouTube - the biometric database against Barack Obama
http://www.youtube.com/watch?v=E5CqX3q_qBo
The problem is not the law.
The problem is the proposed method.
No database is needed for identification.
You can put a code on the T.Z. that matches the hash print of that person's fingerprints/face.
Is there a match? You are the holder of the certificate. No match? You faked her.
This way no buffer is saved anywhere, and the code generation algorithm is your security mechanism.
Covers all issues, and this is just one example.
The problem with the opposition's approach today: black and white. All or Nothing.
Friends, game theory!
They need a solution to the problem. The technological side is not their strong point (and this is a statement with a lot of credit :-/ ), so they will pass on what is offered to them (and the offerers are of course...the companies that will benefit from it, at all levels of course. From establishment, to access...).
If we, the public, continue with the "we don't want anything, period" approach, we will lose.
But there is a middle way, a solution to their problem at the same time as our privacy requirements...
It is our duty to oppose the monstrous reservoir that the legislator intends to establish.
But in order to succeed, we must find and push an alternative as we can live with it and keep our privacy.
Wishing you a good day and week,
Moshe.
Lucci,
What are the great benefits of the database, which are worth the risk of accessing the information? The proposal of the article is that the data will be available only in the presence of the person to whom the data concerns. Do you object to this approach?
I agree or, moreover, I demand that the decision-makers in the government consult with scientists and professionals before passing any law in the country. It may be that today it is not done properly and that it is possible to make a biometric database properly by the book. But completely rule out a party that he's a freak? I disagree!
People will come and say, what will happen if they succeed in hacking the database?
After all, every defense can be breached, right?
Look, today we use the same encryption methods to protect much, much more sensitive things. Think about the army's databases, think about the banks, the Mossad and intelligence databases, etc. These are the databases that we should be concerned about that they won't be hacked into, or that there will be someone psycho who will abuse their privileges.
What will we do then? We will not use databases? Shall we move to browsing and vaults? Is it safer?
Don't forget that the defenses we have today are very good as long as they don't prove that p=np. And if and when that happens we will first of all be in a completely new mathematical era. And then my Israel biometric database will really be the least of our worries.
I don't know, maybe I'm unusual. And somehow it seems to me that I am the only one who does not have any objection to the law.
I will try to explain why.
The protection of such a database should not convince us more than, say, the protection that the Amazon website has for that matter. The database that I hold the data about myself should be as secure as the database that holds my credit card number. Or you know what's better, many of us have an internet bank account in one of the banks in Israel. That is, I personally can do various actions in my checking account, including transferring large sums of money to another account. The protection of my bank's database worries me more than the protection of a database that will hold esoteric personal details about me. And I do not feel very confident about the bank's MN , I feel safe that my account will not be hacked or money will be stolen from me. Because I know their defense is very good. The data is encrypted and protected, only I can access it, etc. There is nothing to do, this is progress and technology and that is where we are aiming.
what am i trying to say
Today we already have the technology to protect information in a very good way. And it's not even a particularly new or particularly complicated technology. It's all about encryption. If there are permissions to the system and only certain mod people will be able to access the data and even then with any restrictions. Just like the bank teller cannot access all the data for a certain customer. Under these conditions and more I will not have a problem with my data sitting there.
The advantages of the database are clear, more efficient administrative work, catching criminals, etc.
I see no reason to prevent such a repository.
please buy me
Can someone write if it is legal to identify the registrants at the labor bureau using a fingerprint?
These are not populist laws
These are laws with a business lobby behind them.
A bunch of companies that will make good money on it.
A bunch of friends you can't escape from anymore.
In five years this information will be used by you everywhere
for identification. Just put your hand somewhere
Or a security camera will film you and that's it
Your privacy is gone.
And another 10 years if someone wants to abuse the power
So he won't hesitate. We have always used all knowledge and power also for evil.
Because even a dog licks its grapes
Because he can.
There is no difference.
It's not that our decision makers rely on professionals…..
This is the source of the problem.
They live in a different sphere where their own interests prevail,
And the interests of the citizen are trampled without a problem.
my father
News like this deserves a place of honor on the YNET news site. According to my impression, you have a relationship with the editors of the site, and you should give a push to this news that deserves even a headline there. This is important and can certainly influence the decision makers.
indeed,
It is unbelievable that people in Israel are so indifferent, and accept this stupidity as an injury that cannot be passed over.
There are a bunch of ministers who understand nothing about technology, nothing. Not in the various options, not in its security. Nada
and passing laws, populist, dangerous, unreasonable.
And the public... is silent.
The media...betrays its values, and is silent at best.
So even if this is a "political" discussion (and it isn't, there is no service to the citizen here at any level, if you wanted it as a service to the citizen, there are safer solutions, in which there is no need for a database at all. For example, a bar code on a card with Hash Print integrated of the various imprints, etc...), and not technological. It should be discussed.
We are being worked on. They are pushing a starving mother, same-sex murder, and at the back door they are introducing this horrible law deep down.
It should be above such a site that deals with technology and science - this is a law that concerns technological and scientific aspects that have far-reaching social consequences.
And in general, wherever it is on a public stage, it should be discussed and removed from the chapter - a terrible law!
There is another way to prevent forgeries of T.Z
Until now I did not understand what the biometric law has to do with science to the extent that every scientist thinks that his opinion is needed regarding the law if it is good or not,
The discussion of the law should not be above such a site!!