Monday, November 26, 2007

Why biometric ID is a bad idea

I'm not all that against the idea of an compulsory ID card. I mean, most of us carry around enough stuff with us anyway - driver licenses, bank cards, AA cards etc. that it makes no difference. And here in Spain (and elsewhere in much of Europe) everybody carries their photo ID (which you have to show when buying anything using a credit/debit card) and it's not a big deal.

However, I am very against the use of biometric data, such as fingerprints or iris data, for the purposes of identification. For one simple reason: once it is stolen, it cannot be reset.

If somebody gets hold of your bank card details, your PIN number, your passport number, your email, your drivers license etc. it's a pain, yes, but a quick phone call to relevant people and the old number/card/document is declared void, and you get a new one. If somebody steals your fingerprint, they have it for life. Furthermore, we leave our fingerprints on every single thing we touch. And yes, it really is that easy to make a copy, as the ever-reliable Ben Goldacre demonstrates.

No comments: