Israel Slated for Trial of Biometric National IDs
Dan Or-Hof, a privacy and technology partner at the Israeli law firm Pearl Cohen Zedek Latzer is reporting that new regulations and orders introduced by Israel's Ministers Committee for Biometric Applications set the ground for a two-year biometric IDs issuance trial period. The Ministry of Home Affairs is making final preparations to start issuing the IDs that will contain encoded fingerprints and facial image, and will be stored in a national database. A campaign led by privacy activists against the controversial biometric database has failed to yield a positive result so far.
In December 2009, the Israeli parliament (the 'Knesset') enacted the Biometric Identifiers and Biometric Data Inclusion in Identification Documents and a Database Act (The "Biometric Data Act"). The act is meant to tackle large-scale loss and theft of identification cards and passports, later used by criminals and terrorists.
The Biometric Data Act is far-reaching. Following a two year trial period, every citizen will be compelled to provide two fingerprint samples and a facial photograph, to be digitally stored in a national database and on chips embedded in passports and national IDs (National IDs are mandatory in Israel for citizens over the age of 16). The digital ID will also carry a certified electronic signature to be used as a substitute for regular signatures in execution of transactions.
The biometric database is not made solely to manage the identification of ID and passports applications. It will also serve as a valuable source of information for law enforcement agencies, under the supervision of a new authority that the Ministry of Home Affairs established specifically for that purpose.
The act as a whole and specifically the biometric database, raise significant concerns. Privacy advocates urged the Home Office to reevaluate the potentially grave risks to information security and privacy that the database poses, including the irreversibility of biometric data loss and the public's general mistrust in the government's ability to secure the database. A proposal to transform the database into a blurred set-base that will enhance security and privacy was recently offered by Prof. Adi Shamir, a well-known cryptographer. The Law Information and Technology Authority (ILITA) backed Prof. Shamir's proposition, however the government eventually rejected it.
The new regulations under the biometric data act include a set of procedures for issuing a biometric ID, taking fingerprints and facial images from applicants, encrypting and securing the data and transferring data between authorities.
A governmental order accompanies the regulations and sets specific rules for the two-year trial period. During this period that starts in November 2011, biometric IDs will be issued to Israeli citizens, subject to their written and signed consent. At the end of the trial period, professional auditors will evaluate the extent of the trial's success under a set of predetermined parameters and feedback from applicants. Unless the Ministry of Home Affairs decides otherwise in light of the trials results and public debate, the Biometric Data Act will come into full effect at the end of the trial period, and all citizens will have to provide their biometric data at that time for inclusion in their IDs and passports.