Quantum surveillance and 'shared secrets'. A biometric step too far? CEPS Liberty and Security in Europe, July 2010

It is no longer sensible to regard biometrics as having neutral socio-economic, legal and political impacts. Newer generation biometrics are fluid and include behavioural and emotional data that can be combined with other data. Therefore, a range of issues needs to be reviewed in light of the increasing privatisation of ‘security’ that escapes effective, democratic parliamentary and regulatory control and oversight at national, international and EU levels, argues Juliet Lodge, Professor and co-Director of the Jean Monnet European Centre of Excellence at the University of Leeds, U

A Decentralised Digital Identity Architecture

Current architectures to validate, certify, and manage identity are based on centralised, top-down approaches that rely on trusted authorities and third-party operators. We approach the problem of digital identity starting from a human rights perspective, with a primary focus on identity systems in the developed world. We assert that individual persons must be allowed to manage their personal information in a multitude of different ways in different contexts and that to do so, each individual must be able to create multiple unrelated identities. Therefore, we first define a set of fundamental constraints that digital identity systems must satisfy to preserve and promote privacy as required for individual autonomy. With these constraints in mind, we then propose a decentralised, standards-based approach, using a combination of distributed ledger technology and thoughtful regulation, to facilitate many-to-many relationships among providers of key services. Our proposal for digital identity differs from others in its approach to trust in that we do not seek to bind credentials to each other or to a mutually trusted authority to achieve strong non-transferability. Because the system does not implicitly encourage its users to maintain a single aggregated identity that can potentially be constrained or reconstructed against their interests, individuals and organisations are free to embrace the system and share in its benefits.Comment: 30 pages, 10 figures, 3 table

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Unique Identity Project in India: A Divine Dream or a Miscalculated Heroism?

The Unique Identity Project in India is a flagship project as being highlighted by the Government of India and is being portrayed as a panacea for all ills that exist in the country. Although time can only tell about the efficiency and efficacy of the project, but the very launch of this exercise has made it the largest biometric based identity disbursing e-government project in the globe. This paper, tries to put the current UID project of India into a perspective to evaluate the set of issues and concerns, as pointed by various stakeholders and try to understand the degree of criticality of those arguments. In this light, the areas of concerns around the UID project in India are also being pointed out. Given the largest IT project in nay government globally, the topic is of immense significance besides being timely and the discussion can provide impetus to a series of research activities in the areas of public policy, Information Systems planning and execution as well as appreciating the risks that get associated with such large initiatives.

Envisioning technology through discourse: a case study of biometrics in the National Identity Scheme in the United Kingdom

Around the globe, governments are pursuing policies that depend on information technology (IT). The United Kingdom’s National Identity Scheme was a government proposal for a national identity system, based on biometrics. These proposals for biometrics provide us with an opportunity to explore the diverse and shifting discourses that accompany the attempted diffusion of a controversial IT innovation. This thesis offers a longitudinal case study of these visionary discourses. I begin with a critical review of the literature on biometrics, drawing attention to the lack of in-depth studies that explore the discursive and organizational dynamics accompanying their implementation on a national scale. I then devise a theoretical framework to study these speculative and future-directed discourses based on concepts and ideas from organizing visions theory, the sociology of expectations, and critical approaches to studying the public’s understanding of technology. A methodological discussion ensues in which I explain my research approach and methods for data collection and analysis, including techniques for critical discourse analysis. After briefly introducing the case study, I proceed to the two-part analysis. First is an analysis of government actors’ discourses on biometrics, revolving around formal policy communications; second is an analysis of media discourses and parliamentary debates around certain critical moments for biometrics in the Scheme. The analysis reveals how the uncertain concept of biometrics provided a strategic rhetorical device whereby government spokespeople were able to offer a flexible yet incomplete vision for the technology. I contend that, despite being distinctive and offering some practical value to the proposals for national identity cards, the government’s discourses on biometrics remained insufficiently intelligible, uninformative, and implausible. The concluding discussion explains the unraveling visions for biometrics in the case, offers a theoretical contribution based on the case analysis, and provides insights about discourses on the ‘publics’ of new technology such as biometrics

Algorithmic Jim Crow

This Article contends that current immigration- and security-related vetting protocols risk promulgating an algorithmically driven form of Jim Crow. Under the “separate but equal” discrimination of a historic Jim Crow regime, state laws required mandatory separation and discrimination on the front end, while purportedly establishing equality on the back end. In contrast, an Algorithmic Jim Crow regime allows for “equal but separate” discrimination. Under Algorithmic Jim Crow, equal vetting and database screening of all citizens and noncitizens will make it appear that fairness and equality principles are preserved on the front end. Algorithmic Jim Crow, however, will enable discrimination on the back end in the form of designing, interpreting, and acting upon vetting and screening systems in ways that result in a disparate impact

Financial Services for the Poor: Lack of Personal Identification Documents Impedes Access

Without a birth certificate, no identity card can be issued and without identity card, there is no access to formal financial services. This link seems to be trivial in industrialized countries, where the ability of the individual to participate in economic life is rarely hindered by a lack of identification. In many developing countries, however, access to financial services is often denied, because potential customers cannot be identified based upon official identity documents-a basic due diligence requirement under international anti-money laundering regulations. In many developing and emerging countries, poor people have no opportunity to obtain such documents, as a large portion of the population has not been registered at birth. Without a birth certificate, however, no identity card can be issued, which is required by banks for customer identity verification. To date, the problem of identification has not played a prominent role in research concerning access to financial services. In the past, researchers have primarily focused on microfinance. In order to expand access to formal financial services, new methods for customer identification must be developed which address the realities in developing countries. Initial steps to expand access for the poor population have already been taken in countries such as India and South Africa. Aside from addressing problems associated with missing identification, it is also necessary to introduce basic financial products such as micro accounts, where the low risk associated with them is taken into account. Less demanding identification means for low-risk financial products ought to be internationally recognized and instituted in order to dispel legal ambiguities.