- Security TWENTY
- Women in Security
The Government has been largely silent on biometrics since the abolition of the Government’s Identity Card Programme in 2010 and the destruction of the National Identity Register. And yet, in other policy areas, including immigration and law enforcement, use of biometric identification systems by the state has expanded. If the Government is to build public trust in biometric data and technologies, there is a need for open dialogue and greater transparency.
So says the Science and Technology Commons Select Committee. In its latest, 51-page report, Current and future uses of biometric data and technologies, it calls on the Government to set out how it plans to facilitate an open, public debate around the use of biometrics. The committee of MPs says: “In the absence of a biometrics strategy, there has been a worrying lack of Government oversight and regulation of aspects of this field.”
As for the security of stored biometric data, the report says: “High profile cyber-attacks and data loss incidents have undermined the public’s confidence in the ability of both Government and industry to store their data securely.” Security considerations should never be an “afterthought” or an optional extra, the MPs say. They call on the Government to ‘outline the steps taken to mitigate the risk of loss, or unauthorised release, of the biometric data that it holds’. The committee wants the Government to drive ‘the development of a set of information standards that companies can sign up to, under which they commit to explain to individuals their plans for the use of personal data (including biometric data), in clear, concise and simple terms’. As for what law applies to biometric data, it’s the Data Protection Act 1998, the MPs point out.
Isabelle Moeller, Chief Executive of the Biometrics Institute, says: “It is very noticeable that the Committee stresses the delay by Government in creating a strategy for biometrics and privacy yet law enforcement agencies are quickly moving ahead with extended use of biometrics. This is pretty common. Policy and legislation often cannot keep up with technology developments. We have seen this before. In 2006 the Institute developed a Privacy Code for the Australian biometric industry to address gaps in Australian privacy legislation. The new Australian privacy principles addressing biometrics only came into place in 2014.
Moeller says: “The Institute offers an international and cross-user community scope with its global membership. It promotes the responsible use and trusted technology and handling. It provides a forum for international dialogue which helps highlight convergence over quality, appropriate use, strong standards and proportionate, legitimate and thoughtful use. It all comes back to the responsible use which Biometrics Institute members underline.”
The Institute made a submission and given evidence to the enquiry in November 2014. The Institute stressed the importance of informing the public that not all biometrics are the same and that they are not infallible. Managers of biometric systems should recognise this and it should be built into the planning and operations of any biometric system, the industry body adds. It has a Biometric Vulnerability Assessement Expert Group (BVAEG), due to next meet in October 2015 in London, which also sees the Biometrics 2015: Secure identity solutions now! event from October 13-15: http://www.biometricsinstitute.org/events.php/556/biometrics-2015-secure-identity-solutions-now.
For the committee report visit – http://www.parliament.uk/business/committees/committees-a-z/commons-select/science-and-technology-committee/publications/