Slashdot just posted a piece saying that Bloomberg wants to build a database of every valid US worker that includes DNA or fingerprints. This is completely insane, and more importantly it's completely unnecessary.
This is insane because centralization of data is a bad idea. Just look at what recently happened with the analyst at the VA who was robbed of his laptop containing 26 million veterans' records. Imagine a ~150 million worker database containing biometric data. Crazy insane. But again, it's not necessary to build such a database.
I am not against the idea of unique identification via a biometric, but just don't centralize the data. If you want to make sure a person is a valid worker, build a mag card that holds two things:
- Biometric 'signature' of a person's fingerprint stored as a small data file
- Digital signature w/certificate of the biometric signature generated by a 'signature authority' with a valid certificate chain.
That's it. What this would do is create a card that can be self-authenticated without any network access. You have a terminal that takes a fingerprint, produces a signature, then compares it to the one on the card. The digital signature would be validated against the stored biometric data to ensure it has not changed since the authority 'signed' it. This terminal could be completely disconnected from any network and still produce a valid result. No log would have to be generated. No loss of privacy would result. If someone had the card, it would be useless without your finger to validate it with. It's just like your signature, just one that someone cannot copy without compromising a signature authority. This is not novel; it's been done before, although there they were trying for much more. The above idea is a simple, cheap way to ensure identity without loss of individual control or privacy and, more importantly, without the need for centralization.
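The card check described above, sketched in Go as an added example that is not part of the original post: the terminal needs only the authority's public key, verifies the signature over the stored template, then compares a live scan to it. Assumptions: Ed25519 stands in for the signature scheme, a single authority key replaces the certificate chain, the template is modeled as a fixed-length bit string matched by Hamming distance with a constructed threshold, and the names `Card`, `Issue` and `Verify` are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"math/bits"
)

// Card is everything on the mag stripe; nothing is stored centrally.
type Card struct {
	Template  []byte // biometric 'signature' of the enrolled fingerprint
	Signature []byte // authority's signature over Template
}

// Issue runs once at the signature authority, at enrollment.
func Issue(authority ed25519.PrivateKey, template []byte) Card {
	return Card{Template: template, Signature: ed25519.Sign(authority, template)}
}

// hamming counts differing bits between two equal-length templates.
func hamming(a, b []byte) int {
	d := 0
	for i := range a {
		d += bits.OnesCount8(a[i] ^ b[i])
	}
	return d
}

// Verify is the offline terminal's check; maxBits is tolerated sensor noise.
func Verify(pub ed25519.PublicKey, c Card, scan []byte, maxBits int) string {
	if !ed25519.Verify(pub, c.Template, c.Signature) {
		return "reject: card altered or not signed by the authority"
	}
	if len(scan) != len(c.Template) || hamming(scan, c.Template) > maxBits {
		return "reject: finger does not match card"
	}
	return "accept"
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // authority key pair
	enrolled := []byte{0xA5, 0x3C, 0x7E, 0x10, 0xFF, 0x42, 0x99, 0x08} // constructed
	card := Issue(priv, enrolled)
	scan := append([]byte{}, enrolled...)
	scan[3] ^= 0x01 // same finger, one bit of sensor noise
	fmt.Println(Verify(pub, card, scan, 4))
	card.Template[0] ^= 0xFF // tamper with the stored template
	fmt.Println(Verify(pub, card, scan, 4))
}
```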
Erm... don't you think the retarded implementation is pretty far down on the list of reasons to be concerned about this great plan? Anyway, you can argue the technical details with the stormtroopers when they come knocking on your door late one night.
Posted by: Clark Slater | Monday, May 29, 2006 at 12:36 AM
It's not an implementation detail. To be able to have one entity create a credential for another entity is a fact of life. The problem is credentials are easily duplicated. In the US you are already supposed to have a credential to work either in the form of a birth certificate, driver's license or social security card. You can buy sets of these on the street right now for $150. I am proposing the creation of a credential that you can carry with you (that only you have) that can be self-authenticated. It's no different than any other form of identification except that without your fingerprint it cannot be validated. That is a good thing.
It's funny when folks worry about the government's potential abuse of power (stormtroopers) but are so OK with Google or NewsCorp/MySpace. I worry more about companies constrained merely by the perception of market dynamics than a government that submits itself to the rule of law. I universally don't like centralization of data unless it's absolutely necessary.
Posted by: Rich Kilmer | Monday, May 29, 2006 at 10:11 AM