Insight on the News, February 4, 2002

America’s greatness stems from principles of liberty such as freedoms of speech, association and religion. There are many potential threats to these freedoms, including government collection of biometrics, a technique of identifying people by scanning and quantifying unique physical characteristics such as facial structures, voice patterns and fingerprints.

Some hail biometrics as a new way to defeat terrorism. But before the government mandates a system that classifies Americans according to their physical makeup, we should consider the dangers. Currently, the two most popular schemes are face-recognition systems—cameras that attempt to find criminals by matching pictures of known lawbreakers with everyone in a crowd—and national ID cards containing photographs and fingerprints.

Face-recognition systems first entered the public dialogue when law-enforcement officials used the technology to scan the faces of fans attending Super Bowl XXXV in Tampa last January. While the technology did not identify any terrorists, it did flag some minor criminals.

The potential benefits of facial-recognition technology are obvious. If the government installs a camera on every street, subway system and shopping area, then law enforcement might find it easier to track down and catch known felons. But a good case can be made that doing so would lead the nation down a perilous path. It’s not that biometric systems are inherently worrisome, but they could be dangerous if they are used to expand government power.

Advocates of face-recognition technologies often point to Britain as a place where government use of closed-circuit cameras is ubiquitous but liberty appears intact. All is not as it seems there, and Britain is moving incrementally toward a devastating loss of personal freedom. George Washington University law professor Jeffrey Rosen recently traveled to Britain to examine the effects of the cameras and discovered some interesting facts. Consider:

Officials in Britain told Rosen that no terrorists had been caught using the technology, and there was no hard evidence that crime rates were affected. In fact, the violent-crime rate there went up during 2000. Still, the cameras continued to proliferate because they gave the public a feeling, however false, of security. It is worth noting that one of the likely reasons no terrorists were caught is because many terrorists are not suspected in advance of their crimes and, if they are, they likely use disguises.

If a false sense of security was the only flaw with the increased use of cameras, perhaps they wouldn’t be so threatening. But Rosen found other problems.

He writes that, in Britain, “the cameras are designed not to produce arrests but to make people feel that they are being watched at all times. Š The people behind the live-video screens are zooming in on unconventional behavior in public that in fact has nothing to do with terrorism. And rather than thwarting serious crime, the cameras are being used to enforce social conformity in ways that Americans may prefer to avoid.” This is where the problem lies.

The technology can be used to pressure individuals into acting according to majority norms because they worry they will be identified and persecuted. For example, a Muslim may not walk into a mosque, or a gay couple may avoid public displays of affection. These problems are reminiscent of the world George Orwell conceived in 1984. In Orwell’s vision of “English Socialism,” Big Brother monitors all citizens through omnipresent cameras called “telescreens.” A “Ministry of Truth” replaces freedom of expression.

Most proposals for the use of face-recognition technology in the United States have been limited to matching faces with a database of criminals in limited areas such as airports and stadiums. But it is easy to see how calls for increased screening could arise. In Britain, cameras multiplied after the murder of a 2-year-old boy in 1993. The cameras did not aid in finding the criminals, but they did record the prelude to the crime and led to an outcry for greater surveillance.

It is important to understand that loss of freedom tends to happen incrementally rather than immediately. The cameras in Britain originally were intended to focus only on criminals. Now they focus on everyone and, in particular, those who are doing things law-enforcement officials don’t think they should be doing.

Some might argue that when one is in a public place such as a street, one should expect to be observed by many people, including law-enforcement agents. This is true. However the government, unlike businesses, can compel our compliance. If it gains the ability systematically to watch our movements and can combine that knowledge with other databases, the example no longer is akin simply to being observed by passive bystanders.

The situation then turns to one of being profiled and stalked by an entity that can back up its actions by force ‹in essence, a police state. To be sure, a full-fledged police state is not necessary for abuses to occur.

One evening while Rosen spent time with bored surveillance officials in Britain, he saw them watch young couples making out in cars and zooming in on good-looking women, leering at them from afar. Not only is this use of the technology wrong, but it also could put individuals in danger, as when the motor-vehicle database in California was used by an obsessed fan to track down and kill actress Rebecca Schaeffer in 1989.

National ID cards containing photographs and fingerprints are another popular biometrics proposal. One month after the Sept. 11 terrorist attacks, Sun Microsystems Chief Executive Officer (CEO) Scott McNealy told a crowd in Florida that a national ID card system, using Sun’s technology, was necessary to guard against future terrorist attacks. A January USA Today/CNN/Gallup poll showed that slightly more than half of Americans support the idea, and Oracle CEO Larry Ellison was widely rumored to be pushing the idea with federal government officials. But as technologists, both McNealy and Ellison should know that a computer system is only as secure as the people running it.

Governments routinely fail to secure data against prying by outside sources. Last year, just hours after the Department of Justice posted details of the Carnivore review process on its Website, computer users were able to uncover secret information about the reviewers, including their ranks and security clearances. These flaws were not surprising given that, during the last couple of years, the General Accounting Office (GAO) has issued several reports saying that federal agencies are “fraught with weaknesses,” putting the nation’s assets and operations “at risk.” All of this shows that even after government repeatedly is warned of problems, and even when it does its best to protect the data it holds, it often fails.

Every year California’s Department of Motor Vehicles issues more than 100,000 fraudulent driver’s licenses to criminals who could use them to steal the identities of unsuspecting victims. Federalizing the database is unlikely to solve this problem. Adding biometric data, such as fingerprints, would be similarly ineffective because government officials always can be bribed and every system, no matter how sophisticated, can be hacked.

The above examples demonstrate that it is far too easy for malicious criminals to abuse government database systems, whether they be national ID systems or data collected and stored through face-scanning activities. Even more worrisome is that the government could use increased domestic surveillance as a weapon against its political enemies.

Martin Luther King Jr., John Lennon and others that J. Edgar Hoover’s FBI didn’t like became targets of illegal government surveillance. And it’s not necessary to go all the way back to the 1960s to find government abuses of privacy.

IRS employees have been known to “browse” the tax files of people they knew or wanted to know. In 1997, when an IRS employee was charged with browsing, he was let off the hook because no one could prove that he actually gave the information to anyone.

In 1998, it was revealed that the Los Angeles Police Department used illegal wiretaps to monitor citizens, collect evidence illegally and invade privacy. The number of innocent people illegally wiretapped is unknown but it likely is in the thousands. In light of this record, giving government new surveillance powers seems like giving a teen-age boy a bottle of booze and car keys and asking him not to drink and drive.

Since many criminals, especially terrorists, are first-time offenders, law enforcement likely will argue that it makes sense to add all the photographs from the national ID database into the face-recognition system so that they immediately can identify even first-time offenders. If Americans can be convinced that government should scan people’s faces everywhere they go in public, then it’s not much of a stretch to convince them that law enforcement should be able to identify the people being scanned. After all, it will be argued, law enforcement only is trying to ensure public safety—if you’ve done nothing wrong, you have nothing to fear.

Biometric technology is not in itself a bad thing. The use of biometric devices to authenticate services or control access to certain areas is a much-needed measure to enhance security. Likewise, businesses already use private camera surveillance in and around banks, casinos, convenience stores and many other locations. Those private records can be subpoenaed in the case of a crime, such as when a private security camera linked Timothy McVeigh to the truck used in the Oklahoma City bombing, but otherwise the government cannot access these records or link them to other cameras. The issue is the use of this and other technology to expand the power of government.

The government already maintains massive databases for Social Security and financial and medical information, but its record of using and securing this data is decidedly mixed. The push to deploy biometric technology to obtain even more information from ordinary citizens ought to raise red flags. Systematic surveillance of Americans by government is something to avoid if we wish to maintain the freedoms that define this country.

Sonia Arrison is director of the Center for Technology Studies at the San Francisco-based Pacific Research Institute and is the author of Consumer Privacy: A Free Choice Approach. She can be reached via email at sarrison@pacificresearch.org.