The United States' new biometric system of border controls violates civil rights without delivering security, the head of the London-based civil liberties watchdog Privacy International warned Friday. The system involves a "wholesale and aggressive violation" of privacy but was also likely to generate errors and eventually collapse under its own weight, Privacy International Director Simon Davies said.
Davies was speaking after the release of a critical report on the U.S. Visitor & Immigration Status Indication Technology System (US-VISIT) prepared by Privacy International and a day after the system, which began operating in January, was extended to cover the citizens of 27 "visa waiver" countries -- including the U.K., Germany, and Japan -- whose populations are considered to be friendly to the United States.
Under the system, supplied to the U.S. Department of Homeland Security by the technology services company Accenture Ltd., visitors have their photograph taken and undergo two digital index-finger scans before clearing immigration controls.
The extension of US-VISIT system to the visa waiver countries had gone smoothly, U.S. officials said Thursday, but Davies warned of future problems.
"I think this system is actually going to endanger security," he said in a telephone interview. "It was introduced shortly after 9/11 with no debate and no consideration of the practical problems involved. I know the system won't perform as promised." The solution to the U.S.'s security problems was not mass surveillance but targeted intelligence gathering, the privacy campaigner said. "This is using a sledgehammer to crack a nut."
German researchers have already shown it is possible to fool the system by covering fingerprints with a film of rubber gum, Davies said. And a statistically significant percentage of people -- such as bricklayers or those with severe arthritis -- will not be able to use the fingerprinting system, he said. "What happens when I visit the U.S. and I have my arm in a sling? What do they do then? There are dozens of cases were there is likely to be trouble."
Davies sees the development of an integrated and interoperable global system, with the likely adhesion of countries in the European Union, Canada, Australia and Japan, as a further threat to civil liberties and to the reliability of the system. "As the system grows the opportunity for error will rise exponentially," Davies said. "That's a mathematical equation you can't escape, but it seems to have slipped the minds of U.S. and European officials."
The Privacy International report predicts there could be as many as a billion identities within a global biometrics and data system within fifteen years, if major countries follow the U.S. lead. "The potential for mass error in such a system cannot be overstated," it says. The report cites the case of Brandon Mayfield, the Oregon lawyer whose fingerprint was wrongly matched with that on an unexploded backpack used in the March 11 terrorist bombings in Madrid, as an example of the unreliability of current fingerprinting technology for establishing identity.
"This program is a slap in the face for those countries that have regarded the United States as a friend and ally," Davies said. "The fate that befell Yusuf Islam (formerly known as the singer Cat Stevens) will happen to a countless number of other travelers. They too will have no rights under U.S. law when falsely accused and deported." Islam was barred from entering the U.S. last month on national security grounds.
Davies said flaws in the system could seriously disrupt air travel to the U.S. and its eventual collapse could undermine confidence in the U.S. security apparatus. "I don't believe that an imperfect system is better than nothing," he said. "I think this is going to endanger security. They made a huge error of judgement to appease public opinion in the U.S."
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.