March 28, 2016 -
This past weekend, Israel’s Interior Minister Arye Dery requested another nine-month extension on the country’s biometric database pilot.
The pilot was due to wrap up at the end of this month, after already being extended for nine months last June.
Just last week, a legal adviser to the Israeli Biometric Database Management Authority acknowledged that the potential for database breaches of the country’s experimental biometric identity database couldn’t be ruled out, but that it was not a pressing concern.
Naama Ben-Zvi, the attorney in charge of biometric applications for the Prime Minister’s Office, told the Knesset Constitution, Law and Justice committee, which is responsible for oversight of the database: “It’s a question of a risk management, what you want to achieve versus what you’re risking. Nobody will sign a security certificate that the database will never leak.”
The Movement for Digital Rights (MDR) said that the admission validated the group’s claim that the biometric database project could result in an invasion of citizens’ privacy.
According to a report in The Jerusalem Post, the MDR’s lawyer stated, “At this meeting they put the truth on the table for the first time” as the authority “said on the record that the working assumption was that the entire biometric database would be hacked… and now we are not the only ones who are saying this… so why do we need this? Why take the risk?” Asked about the admission of how easily the database could be hacked, Knesset Constitution, Law and Justice Committee chairman Nissan Slomiansky’s spokesman said he did not remember the authority saying that, but, surprisingly, if they did say that, the chairman still “had no position” on whether this should impact moving forward.
A committee spokesman said that the admission that “nobody will sign a security certificate that the database will never leak” was correct, but suggested that the MDR had taken the statement a further than what was said.
In 2009, the Knesset first authorized the pilot to trial biometric identity cards – which are linked to a database containing biometric data such as fingerprints and facial images — in an effort to prevent people from using fake identity cards.
In August 2011, the Biometric Database Authority was established to manage the database, which was followed by the launch of the pilot on June 30, 2013. The first year saw 430,000 people voluntarily register.
Because it was a pilot program and due to serious concerns that abuse of the more personal information used in the cards could lead to grave privacy violations, all registration for the program has been voluntary until now, and its continuation has been an open question.
Earlier this month, the head of the Biometric Database Management Authority, Jon Kamni, said that 935,000 Israelis had joined the national database and that 1.5 million digital identity cards and passports had been issued.