Janice Kephart, founder and CEO of the Secure Identity and Biometrics Association (SIBA) has issued a press release stating in no uncertain terms that the Florida Senate’s near unanimous vote of March 27 to ban biometrics in all schools lacks common sense and denies schools the opportunity to improve safety, standards, and fiscal accountability.
“The Senate vote is based on misunderstood science,” said Kephart, “and penalizes the entire state because two districts out of 67 counties failed to follow simple and obvious program protocols. As a result, sensible biometric program implementation that includes these protocols in places like Miami-Dade are threatened because legislators believe that using biometrics to keep kids safe on buses and well fed in the lunchroom could lead to identity theft.”
Read more on Government Security News.
The Secure Identity and Biometrics Association (SIBA) press release distorts the case against biometrics in Fla=orida SB 188 as being all about identity theft. To the contrary, the anti-biometrics case isn’t even mainly about identity theft! There are myriad problems with biometrics — they rarely work as advertised, vendors are secretive about performance, vendors over-state accuracy, there are few standards for testing them, they cannot be cancelled and re-issued when stolen, they don’t work for everyone so they always need a backup etc etc — but the issue at hand in Florida and Senate Bill SB 188 is privacy.
In respect of privacy, the biometrics industry should be pressed for answers to the following:
– Is palm scanning and the like a proportionate response to the problem of lunch time queues and attendance on the buses? If a biometric collection of Personal Information is dispoportionate to the security problem being solved, then privacy suffers. There are simpler (and cheaper) solutions to the problems that do not bring the side effects of biometrics, nor the data management overhead.
– How secure are the biometrics scans and biometrics templates going to be when stored in school systems? Do school IT functions really have what it takes to manage secure databases? Who’s liable in the event that a school computer is hacked and biometric data is stolen?
– The iPhone 5S is cherry picked as a paragon of biometrics. Yes, it is widely accepted and it may be training kids to regard biometrics as normal, but the iTouch technology is carefully engineered to store the biometric templates in the handset’s secure “Enclave” chip. The standard for privacy set by Apple actually precludes biometrics being used in the manner proposed for schools, with templates stored in school computers or cash registers.
– Can we get a straight answer please from the industry on whether or not raw images are stored? One prominent palm scanning reseller recommends that raw images be retained for dispute resolution purposes, despite the statement in the article that images should not be kept. Which is it?
As an independent privacy and identity technology researcher, I support SB 188.