Biometrics & the Privacy Paradigm:Separating Fact from Fiction

utterlypanoramicΑσφάλεια

30 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

74 εμφανίσεις

www.ipc.on.ca

Biometrics & the Privacy Paradigm:


Separating Fact from Fiction

Ann Cavoukian, Ph.D.

Information & Privacy Commissioner/Ontario



Security and Privacy: Friends, Foes or Partners?

Victoria, B.C.


February 11, 2004

www.ipc.on.ca

Slide
2

September 11, 2001

Public

safety

must

be

balanced



against

privacy
:



Security measures must be real, not illusory



New measures must be analyzed to determine
their actual effectiveness and utility


http://www.ipc.on.ca/userfiles/page_attachments/1517136_pub01
-
e.pdf

http://www.cbc.ca/news/indepth/usattacked/essay_privacy.html


www.ipc.on.ca

Slide
3

Privacy


What are the Issues?



Expanded surveillance



Diminished oversight



Loss of anonymity



Absence of knowledge or consent

www.ipc.on.ca

Slide
4

Privacy Enhances Security


Freedoms and liberties actually provide
security. People living in open societies
like the U.S. and the E. U. are more
secure

as a whole

than people living
in countries where surveillance and
restrictions on personal actions are
commonplace, and liberty and the rule of
law are weak.




Bruce Schneier,
Beyond Fear
, p. 246

www.ipc.on.ca

Slide
5

Submission to the

Standing Committee


Submission to the House of Commons
Standing Committee on Citizenship and
Immigration re: privacy implications of a
National Identity Card and Biometric
Technology


November 4, 2003



Interim Committee report questioned the
value of introducing a national ID card

www.ipc.on.ca

Slide
6

National ID Card Issues




No business case justifying ID Cards



Enormous cost of design and roll
-
out



Security vulnerabilities:


high demand for access to associated
databases


target for identity theft

www.ipc.on.ca

Slide
7

National ID Card


Only one plausible rationale:


U.S. requirements for biometric identifiers
at border crossings by end of 2004


Enhanced Boarder Security and Visa
Entry Reform Act of 2002


Canada presently exempted

www.ipc.on.ca

Slide
8

Biometrics


Definition:



The automated use of physiological
or behavioral characteristics to
determine or verify identity




Far from foolproof: myths abound,
don’t believe the movies

www.ipc.on.ca

Slide
9

The Myth of Accuracy


The problem with large databases
containing thousands (or millions)
of biometric templates:



False positives



False negatives

www.ipc.on.ca

Slide
10

Biometric Applications

Identification:


one
-
to
-
many comparison


Authentication:


one
-
to
-
one comparison

www.ipc.on.ca

Slide
11

Biometric Identification

False Positive Challenge



Even with a 99.9% accuracy rate, everyone
will have at least one false positive match



“The false alarm rate would overwhelm the
system...”


Bruce Schneier,
Beyond Fear
, p.253

www.ipc.on.ca

Slide
12

The Fallacy of the Accuracy Re:
Biometric Identification


Even if you have a 1 in 10,000 error rate
per fingerprint, then a person being
scanned against a million
-
record data set
will be flagged as positive 100 times
.
And that’s every person.

A system like
that would be useless because everyone
would be a false positive.





Bruce Schneier, quoted in Ann Cavoukian’s Submission to the Standing

Committee on Citizenship and Immigration, November 4, 2003

http://www.ipc.on.ca/docs/110403ac
-
e.pdf

www.ipc.on.ca

Slide
13

Biometric Identification


False Negative Challenge:



Attackers could fool the system



Pay
-
offs high for compromising the system



Increased vulnerability to a target once a
terrorist succeeds in obtaining a false
negative: threat escalates considerably

www.ipc.on.ca

Slide
14

Biometric Strength:
Authentication

The strength of one
-
to
-
one matches



Authentication/verification does not require
the central storage of templates



Biometrics can be stored locally, not
centrally


on a smart card, passport, etc.

www.ipc.on.ca

Slide
15

Designing Privacy Into Biometrics


The Privacy Challenges:



Central template databases



Unacceptable error rates



Unrelated secondary uses


www.ipc.on.ca

Slide
16

Final Thoughts on Biometrics


Current off
-
the
-
shelf biometrics permit the
secondary uses of personal information



The Goal:
“Technology that allows for
informational self
-
determination and
makes good security a by
-
product of
protecting one’s privacy”


George Tomko



Using the biometric to encrypt a PIN or a
standard encryption key will meet that goal:
Biometric Encryption

www.ipc.on.ca

Slide
17

“I am not a number, I am a human being.

I will not be filed, stamped, indexed or numbered.

My life is my own.”


The Prisoner TV series, 1968

“I am not a number,

I am a free man”

www.ipc.on.ca

How to Contact Us

Ann Cavoukian, Ph.D.

Information & Privacy Commissioner/Ontario

80 Bloor Street West, Suite 1700

Toronto, Ontario M5S 2V1


Phone:


(416) 326
-
3333

Web:


www.ipc.on.ca

E
-
mail:


commissioner@ipc.on.ca