FB pixel

The latest lesson on biometric data privacy could cost people’s lives

The latest lesson on biometric data privacy could cost people’s lives
 

Two United States government documents about the use of biometric identification in occupied Afghanistan lack any mention of data security on the ground.

One document, the U.S. Army’s “Commander’s Guide to Biometrics in Afghanistan” is an upbeat, 99-page lesson published in 2011 on deploying identification systems in a developing economy suffering decades of superpower warfare.

The other is from the FBI. Also published in 2011, “Mission Afghanistan: Biometrics,” and also takes a chipper tone describing the law enforcement agency’s challenging but ultimately rewarding effort to help Afghans help themselves through biometric identification.

Neither document discusses securing the data collected from Afghans and the occasional non-Afghan. Both talk about the hardware and software being used to harvest information in the field, build databases and upload the data.

The tools are described as secure and the servers holding the data are described as secure, but there is no discussion about the need to make sure the fractal-like tribal militias – or anyone else – do not get access to the biometric data.

The U.S. began scanning biometrics in 2007, and it was only in 2021 that observers outside the government began raising questions about the security of the information.

That was when privacy and human rights advocates pointed out that with the U.S. gone from the country, the Taliban could use biometrics collection kits to punish Afghan citizens who welcomed and worked with foreign armies and non-governmental organizations.

In fact, there is no way to be sure that handheld systems were not dropped in chaotic situations or abandoned at any point since 2007. Based on the government insider documents, no one operating an iris, face or fingerprint scanner was instructed on minimizing that kind of risk.

MIT Technology Review, a Massachusetts Institute of Technology news publication, in August 2021 wrote at length about breadth of data that the devices, known as Hiides, could hold and, therefore, divulge. Hiides stands for Handheld Interagency Identity Detection Equipment.

It was thought unlikely that the Taliban, which show every sign of bringing back its glory days of summary executions, amputations and strict moral policing, could get data out of a device if they could find one.

Yet The New York Times is reporting on people in the West buying Secure Electronic Enrollment Kits (SEEK IIs) used in Afghanistan on eBay. One of the SEEK IIs held dense personal data records, including iris, finger and face biometrics, on Afghans. It sold for $68.

It is not known how many SEEK IIs or Hiides remain in Afghanistan, where they are and how they can be retrieved. Allies in a U.S.-led war have to live with the threat that they can be identified by a vengeful Taliban.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Edge computing firm Blaze IPOs, announces security deal with Vsblty

AI-powered edge computing company Blaize, known for its collaborations with biometric surveillance developers, went public on the Nasdaq on Tuesday….

 

Illinois to get mobile driver’s licenses in Apple Wallet by end of 2025

Illinois is “working to bring IDs in Apple Wallet to Illinois residents in the future with the goal of launching…

 

Singapore slaps app stores with age verification requirement for adult apps

Singapore will impose age assurance requirements on app stores starting in April 2025, blocking underage users from downloading social media…

 

Paravision’s next generation algorithm cracks top 5 on NIST FRTE 1:N benchmark

Facial recognition from San Francisco-based Paravision has landed in the global top 5 in the primary benchmark of the latest…

 

Age assurance legislation drives talk on how to create an age-aware internet

There are few hotter topics in biometrics and regulatory circles right now than the issue of age assurance as a…

 

Breach exposes privacy risk from de-anonymization of location data

Gravy Analytics, a prominent location data broker, has disclosed that a significant data breach potentially exposed through de-anonymization the precise…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events