[IP] New High-Tech Passports Raise Snooping Concerns
Begin forwarded message:
From: godaddy <peterb@xxxxxxxxx>
Date: November 27, 2004 9:21:44 AM EST
To: dave@xxxxxxxxxx
Subject: Re: New High-Tech Passports Raise Snooping Concerns
Based on the 9/11 reports there appears to be some indications that the
effective use of passports does in fact have some ability to deter
terrorist activities. There also were unprecedented failures. That
argues for better designed passports. However any identity
documentation carries with it other risks, and often fairly
sophisticated entry cards can be spoofed, one example of which was
where guest workers on the west coast simply mailed back their
credentials for re-use by other people. The idea of an
"internet of things" brought about by RFID is a larger issue.
As such, most identity documentation also carries with it some concept
of weighted risk; as well as other assumptions of geography, and
territory which in turn can be linked back to stones piled on farm
lands, or fences which eventually became moated castles, or walled
cities, etc. There are also non-geographic identity tokens that might
indicate you are an employee, or customer, or fall into a specific
role, but geographic identity links back to groups of people. All
these things have become more virtual.
The implicit message is that "this is my place, you are here as a
guest, tourist, etc., and both you and I have some rights in this
situation". As such this is a perfect issue for the ACLU since it is at
the intersection of civil liberties, but being narrowly cast as a
privacy concern when it is much more than that.
Whether the snooping concerns (since they can be mitigated fairly
simply with the right protective rf blocking carrier) are valid seem to
stem from the apparent automation in the collection of the data.
Encryption and other standard practices would go along way to mitigate
these risks.
Further down the road we will see that the form of the material to
contain the information is somewhat irrelevant, as well as the method
of it's collection. All identity information is now at risk. Data is
data, whether it's embedded on a chip or in some database. However,
genetic data is not only permanent, but passed from generation to
generation and thus presents very special forms of risk.
Issues regarding security stem back to the basics of information
integrity, and restricting access to people or machines/systems that
have a demonstrated relevant valid purpose in using that information.
What is more important is the individuals ability to control their own
information, and not have it spread all over without their willing
consent. Up to this point there's little to indicate that we are
willing to manage the problem effectively, since the degree of risk,
(which in turn requires some hard core analysis), is less well
understood in a world of interconnected electronic systems. But the
fundamental notions of a freedom to travel, safety while travelling,
and a respect for a host countries laws, as well as the healthy
economic benefits of immigration, tourism, and travel do not change
from the processing challenges of the presentation of one's national
identity and the protections (or lack thereof) that stem from that
national identity.
Peter Bachman
Cequs Inc.
peterb@xxxxxxxxx
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/