The Association for Civil Rights in Israel (ACRI) filed a petition to the High Court of Justice today (February 20), seeking to annul a law that would establish a governmental biometric database and to cancel of the database’s two-year pilot program. The petition was filed by ACRI attorney Avner Pinchuk along with The Movement for Digital Rights, Professor Karine Nahon of the University of Washington, and Doron Ofek, an information security expert –
According to the petition, “a centralized database of the entire population’s biometric information is a sensitive and powerful resource that provides an unprecedented mechanism for surveillance and control. It delivers a heavy and needless blow to the rights of the individual to dignity, liberty and privacy.”
The petition is not directed against the issuance of “smart” biometric identification cards, but rather against the amassment of biometric identification data in one central database. The petitioners maintain that a biometric identification system can work without a central database, which constitutes an unnecessary invasion of privacy and a breach of citizen’s security . Other countries, such as the Netherlands, Germany, and the UK, have introduced or are introducing biometric identification systems that avoid the creation of a central database.
The Interior Ministry has been working on a plan to introduce identification cards that incorporate biometric identification (such as fingerprints and facial scans) as a means of preventing identification forgery since the technology became available. In 2007, the Interior Ministry backtracked on its prior policy and began pushing for the creation of a central database alongside the new ID cards.
In the wake of public outcry against the Biometric Database Law, which passed in the Israeli parliament (the Knesset) in 2009, a compromise was reached under which the establishment of a central database was conditioned upon the success of a two-year “voluntary pilot study” designed to evaluate the need for such a database and the scope of the information collected by it.
According to the petitioners, the pilot is only intended to give the appearance of a study, the results of which are in fact predetermined. The Interior Ministry and the Population Authority “designed” the pilot, are charged with executing it, and are authorized to determine its “success.” The pilot program fails, among other things, to specify the matters for study or set parameters that would measure its necessity and success. It also omits the study of alternatives– some of which were even accepted by experts of the Interior Ministry – that would accomplish the goal of preventing forgery without the compilation of a massive centralized database (such as “privacy by design” methodologies which reduce the risks of information theft or misuse).
According to the petitioners, the population authority is trying to convince the public to participate in the pilot and argues for the safety of the biometric database. In an era of wikileaks, there is no such thing as a totally safe database. The consequences will be harsh, If and when information will leak from the biometric database.