The Danger of Consistent Biometrics

Join our supporters! and Check our twitter account

Biometrics are measurements of biological systems, specifically human physical traits like heartbeat, iris structure, fingerprints, gait, facial features. Technology to measure them is advancing and the use of them is limited by some governments. They are at least controled by Europan law such that biometric data has to be stored securely or rather not stored at all (enforced by fines when there is a data breach or hack). However such fines are a small price to pay to get biometric data on individuals.

You can not change your biometric features, so you can not escape detection, this means you can not escape lunatics that may be after you

There are two real risks about biometrics, but the risk aspect may not be clear to most initially. Many will say “who cares if someone has my fingerprint”. But we see every day that societies can slip into dictatorships, that political factions can become violent and sabotage others (as we see in the US), and that even seemingly harmless people get prosecuted and more or less destroyed (Navalney). All these abuses achieve nothing to improve lives or security of people and should not be facilitated by anyone. Biometrics however can offer a way to identify individuals who may want to flee or become inactive, who may want to fight injustice or who have been profiled to be a threat (Uygurs in China), it is way to easy to find examples where you think a person should be let off the hook, but biometric data would proved a water tight means to catch them.

People in Amsterdam burned the paper register that would identify jews in the city from the german occupier

The historic examples of how destruction of records of individuals saved lives are many, but for now I will focus on the two aspects that make biometrics problemantic. Biometrics is defined as creating a number that denotes a biometric feature of an individual. The first is consistency and the second is proliferation.

Some are completely oblivious to the risks

Consistency is about how you create a number (alphanumeric or hash) from biometric features. The more consistently you can do it the more dangerous the technology you use is. For example a picture of a fingerprint is not consitent compared to another picture taken with a different camera of the same fingerprint. The numbers (in this case a large image file) are never the same, so comparison and search is hard. Even if all of Russia uses the same camera and lighting (some kind of photo booth) and seat to take the image of a face every image will have a different numeric representation. The reason why pictures can be biometric data is because humans can recognize people in different pictures even if they have been taken under wildly varying circumstances.

Proliferated consistent biometric identification would help those that want to reduce systemic flexibility to the point that change would not be possible or even be imagined by anyone anymore. There are many real world examples of this mental staleness, for example North Korea

Even if you put a group of cryptographers, compression experts and image processing experts at work you still have a hard time reaching a consistent numer for an image. In the case of fingerprints you can reduce a print to a number of features such that you can compare those in a database and find matching print images. Same goes for faces and gait and posture and hands and other biometric aspects. You can train an AI algorithm to compress known data such that it will output a consistent number when supplied with a face or picture of a hand or even video of a person walking. But this consistency then depends on the dataset used to train the AI, it lives in the network connection data. That data can be shared and proliferated and today it can even be used in mobile phones. As a result you can be identified sitting in the middle of nowhere by some person that takes a picture of you. If that person works for Iran or Qanon or some lunatic violent ideologic group you are toast.

Still the above method can be eradicated, the data destroyed and devices destroyed such that a person can rest assured he will not be identified anymore. The risk of consistency is that a system is designed that can be reinstated easily and result in the same identifying number every time. The more general and simple this system is the more risk it holds because it is by now well understood that most people are followers, such that the elimination of examples (leaders) can quickly make them follow someone else. If you do that when the person that draws attention has not achieved notoriety you can be sure you can direct your population by promoting examples you do want them to follow. If you are in doubt about this read Targeted by Britanny Keiser.

Israel hacks into biometric database and can now target 1 million people

Consistency is a threat and this creates a dillema for defence departments that don’t want their potential soldiers be known, yet want to identify any enemy residing in a foreign country as reliably as possible. It may relax the paranoid a bit that it is likely that systems in different countries (who are not satelites of the US, Russia or China) are different enough to not supply each other with usefull data. Facebook however is one damn immense biometric data gatherer, not only of images but of behaviours, maybe even keystrokes who knows.

Have you uploaded todays workout performance to Facebook today? No? Are you going to be a health care burden on others? Comply!

The second risk, proliferation, has been addressed more or less already. What helps is that technology progresses, so platforms for software become obsolete, but on the other hand many have no supplied DNA and 3D face scans and endless TikTok and Instagram, Youtube movies which could be analyzed for defence and threat potential by AI algorithms, which could be building a huge biometric number DB not in one country but in many. For sure banks and other institutions already use profiling of people, the new “Know your customer” requirement to exclude political opponents. This kind of soft discrimination is real and growing, and governments like the one in Holland are not morally equiped to deal with it.

Just like you should leave a gun lying around in a kindergraten I think biometrics should be severely restricted, both in use with dutch companies and foreign parties operating and interacting with dutch citizen. No keystroke analysis, no facial recogntion, no palm pictures no voice profiling. Some want the treshold between people and automated systems to be unnoticable, I personally think it should be a choice to use a digital tool. This is absolutely not what the fossil/credit banking economy wants because it makes it harder for them keep us from realizing the screaming climate danger this system puts us in. For now many are all to happy to pretend they have nothing to hide, but they will have something to hide if they decide the future is more important than the profits of Shell or Rosneft or Aramco. On the other hand, if we abandon fossil energy the risk of war and the need to worry about biometrics will be reduced as more people can prosper without being in debt or having to respect the needs of foreign fossil fuel suppliers.