This month, the smart identity cards and biometric database project was launched, within the framework of which every citizen will be able to replace his identity card and passport with a smart card. What are the goals of the project, why are they opposed to it and what is the alternative? A legal expert answers
By: Ido Gnot, Galileo Magazine
On July 8, 2013, Interior Minister Gideon Sa'ar and Deputy Minister Faina Kirschenbaum launched the smart identity cards project and the biometric database at the Population Bureau in Rishon Lezion. As part of the launch ceremony, Minister Sa'ar said that "this is a process that Israel has been waiting two decades to enter into."
As part of the pilot, any Israeli citizen who wishes to do so will be able to contact the offices of the Ministry of the Interior and replace his current identity card and passport with smart cards, which are expected to be much more difficult to forge. As part of the move, the citizen will also provide his fingerprints as well as a biometric-quality photo of his face, which will be added to the Israeli biometric database.
>> Galileo magazine as a gift! Click here to receive the benefit
Pros vs. Cons
The stated goal of the project is first and foremost to put an end to the phenomenon of forgery of identity cards and passports, which, according to the authorities, number in the hundreds of thousands. These forgeries are used by criminals and hostile elements impersonating Israeli citizens. However, the biometric database is expected to be used for other purposes as well, primarily the deciphering of crimes, and it is intended to be accessible to the police and several other security agencies.
Despite the apparently positive goals of the project, many opponents have arisen in recent years, presenting a long list of arguments. From a serious violation of citizens' privacy, a danger that the database will leak out (as happened in the past to the population registry), a danger that in the future the use of the database will be extended to needs beyond those stipulated in the original law, to extremely high ongoing costs, and all of this alongside a questionable benefit.
Recently, Channel 10 revealed an internal document of the Ministry of Justice, which was mistakenly distributed widely, in which the ministry warned of security holes in the biometric database, holes due to which, according to its authors, the experiment would not be able to start on time. The Ministry of the Interior responded to the disclosure by claiming that the loopholes referred to in the Ministry of Justice's document are not directly related to the citizens' personal data.
The citizen's privacy may be compromised
Following the publication (and even before the pilot was launched), we conducted an interview with the lawyer Yonatan Klinger, the legal advisor of the movement for digital rights, who is one of the fierce opponents of the biometric database project.
What is at the center of the bill to establish the biometric database in Israel and what are the initiators of the law trying to achieve through it?
"The law to establish the biometric database is not just the law to establish a biometric database, and that is the problem. The law entangles two things that do not need to be entwined: the first is the process of issuing smart identity cards, identity cards that will be based on encryption keys that cannot be hacked and forged. The second is the storage of information on both fingerprints and facial images of all citizens in a central database. The database will be accessible to the police, the Shin Bet, the Mossad and some employees of the Ministry of the Interior."
"The initiators of the law claim that the database is intended to prevent forgery of identity cards and impersonations, but in practice, although other methods to prevent forgeries and impersonations were proposed to the initiators of the law, which are less invasive of privacy (for example, the Shamir method), they opposed them. In practice, after a confidential protocol of the Ministry of the Interior was leaked, the real purpose was revealed: the police claimed that if the other proposals were accepted, the police uses would not be effective enough, and therefore insisted on a biometric database. In practice, the main purpose of the biometric database is to transfer information to the police."
The bill was approved by the Knesset about four years ago - what caused the delay in establishing the reservoir?
"This is a question that should be addressed to the Ministry of the Interior. The bill was approved, and it was written that within three months an experiment would begin to examine the suitability of the law and the necessity of the reservoir; The problem was that the Ministry of the Interior, which pushed for a long time to advance the bill, was not at all prepared to carry out the pilot and issue the smart ID cards. It so happened that two years passed from the approval of the law until a trial program was created."
"When the trial program was submitted, the Association for Civil Rights and the Movement for Digital Rights saw that it was a non-serious program, and as a result we petitioned the Supreme Court. After a short hearing on the petition, the Supreme Court recommended that the state change the trial plan, and it was changed accordingly about a year ago. From then until today I do not know what delayed the state, but despite the claims that the experiment was carried out in a short time, until today (these words were said on July 2) the tenders for the security of the database and the biometric comparison software, the software that is supposed to verify that there are no fake fingerprints, have not been closed or predictions".
What is expected to happen as part of the soon-to-be-expected experiment?
"I estimate that the Ministry of the Interior will put pressure on the citizens to participate in the experiment and at the same time we will conduct a campaign against it."
Are there countries where biometric databases exist in a similar format?
"As far as I know, there are no countries where there is already a database that is mandatory for all citizens, which stores fingerprints as well as facial photographs for the purpose of identity cards. There are repositories that are not mandatory, and there are repositories that store only part of the information. It is important to remember, and Israelis do not know this, that in most countries there is no population register in the sense that we have and there is no identity number."
Why do you, along with other experts, oppose the establishment of the reservoir in its current form and what is the appropriate alternative proposal in your opinion?
"The proper proposal in my opinion is to start with an experiment of smart ID cards without a biometric database. In the meantime, the state has not been able to present numbers of forgeries or predictions, and each time presents a figure of 350 or 150 stolen or lost identity cards - when the state presents these two numbers alternately, each time a different number. The problem is that no one knows and does not claim to know how many people exist with a double identity (that is, those who hold two legal documents issued by the Ministry of the Interior)."
"The first step, before infringing on the privacy of all citizens, is to check at all what the benefit of smart IDs is, and if the benefit does not justify considering switching to the Shamir method. A method that allows the preservation of biometric information without harming the privacy of citizens."
More on Galileo:
- What are the health risks of watching TV before bed? Research reveals
- Visit the first residential building in the world where the energy it needs is produced from the sun and accelerated
- Watch rare footage of open heart surgery performed on a baby
What is the Shamir method?
The Shamir method, named after Prof. Adi Shamir, also known as the "dimming method" is designed to reduce the risks associated with the leakage of privacy from the biometric database. According to this method, there will be no direct link between the personal details of a person appearing in the database and their biometric data. Instead of the direct link, there will be a multiple link database, meaning a situation in which some number of citizens (several hundred for example) will be grouped together in a cluster - a kind of virtual cell - which will include all the names of the citizens included in the cell along with their biometric data, but without a direct link between the name of a particular citizen for biometric data.
In this way, it is impossible to link a person to his biometric data. On the other hand, it will be possible to check using the dimming method if a person appears in the database, and it will be possible to catch a person impersonating someone else with a relatively high probability, and this is because the number of drawers in the database is large and the probability that an impersonator who does not know the database will randomly choose a correct match between a biometric data and a person is very small.
4 תגובות
A dangerous reservoir whose damage will become clear over the years. A smart ID is something that should have happened many years ago
This dill method sounds great. In any case, if regular security cameras can provide the police with information about the identity of criminals who have been photographed, it will be a holiday for the rule of law and the personal safety of every law-abiding citizen. And what do I care if someone has my fingerprints and photo?
The Jewish people were and remain a nation of slaves who let all kinds of foreign entities rule over them.