About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Meanwhile, back in the real world | Main | Building the utility »

Rushing in

By davebirch posted Jul 16 2007 at 11:03 AM
[Dave Birch] There's an identity-related debate going on about data sharing by government. I don't mean to take sides on it, except to note that I would prefer to see a more technologically-informed debate, especially around the sharing of biometric data. I was making some notes about this in a data protection context and thought I would mention that the EU's Data Protection Supervisor (a Mr. Peter Hustinx) has been saying that EU governments risk violating the protection of their citizen's personal data by acting hastily in approving the use of biometrics because it was "rushing in a new era" of using biometric identifiers for security checks while standards for data protection were still not clear. In particular, he warned against cross-linking national biometric databases and he said that Europe needs standardised procedures for collecting biometric data as well as common rules and safeguards for the use of the sensitive information.

Technorati Tags: , ,

Apparently ignoring the EU's Data Protection Supervisor, the EU's Civil Liberties Committee (I'm not entirely sure what this is) has approved the setting up of a database to exchange information between Member States on non-EU citizens entering the Schengen area. More than a hundred countries' citizens are required to have a visa issued by a Member State to enter the Schengen area. The new Visa Information System (VIS) should prevent an applicant who is refused a visa by one Schengen country applying to others ("visa shopping"); to facilitate the fight against fraud and checks at external borders;  to assist in the identification of those not meeting the conditions for entry, stay or residence in Schengen Member States; to ease the application of Dublin II regulation on asylum; and to help prevent threats to the internal security of Member States. The regulation says that biometrics will used under controlled circumstances, with the emphasis on first using the visa sticker number for verification, in conjunction with fingerprints, and with fallback procedures being put in place. It also says that "photographs will not be used for identification purposes as the technology is not yet ready".

This phrase "controlled circumstances" reminded me of another recent visas story, this time concerning a Foreign Office data breach covering India, Russia and Nigeria. In the case of India, up to 50,000 Indian travellers could have been exposed to having personal details stolen because addresses, dates of birth and passport numbers accessible for more than a year. The Information Commissioner has sternly demanded a "full explanation" from the Foreign Office. Clearly, as data security professionals know, circumstances can be somewhat difficult to control.

I don't have a visa for the U.K., of course, so I have no experience of using such systems, but as mentioned before I have been experiencing Britain's biometric border control by using IRIS. Now, some people are very happy with this system:

I came back into the UK last week, and getting through passport control couldn't have been easier. I walked into the IRIS eye scanning booth, where there was no line, and less than a minute later, I was done. In contrast, the corresponding US service called Clear is a joke.
On the other hand, I've been really annoyed by it never working. Although, to be fair, it has worked 50% of the time in the last two weeks (it didn't work coming into terminal 4 from the U.S. but it did work coming into terminal 4 from Amsterdam). As it happens, I was at a seminar recently where Stephen Harrison, the Director of Policy at the U.K.'s Identity and Passport services gave the current (mid-2007) figures on IRIS. He said that there are 32 million visitors to the U.K. every year and 68 million trips abroad by people in the U.K. IRIS has 100,000 people registered on the system and the gates have been used 500,000 times.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]


TrackBack URL for this entry:

Listed below are links to weblogs that reference Rushing in:


The comments to this entry are closed.