Biometrics, e-Identity, and the Balance between Security and Privacy: Case Study of the Passenger Name Record (PNR) System

The implementation of biometrics entails either the establishment of an identity or tracing a person's identity. Biometric passport data (e.g., irises, fingers, faces) can be used in order to verify a passenger's identity. The proposed Passenger Name Record (PNR) system contains all the information necessary to enable reservations to be processed and controlled by the booking and participating air carriers for each journey booked by or on behalf of any person. PNR data are related to travel movements, usually flights, and include passport data, name, address, telephone numbers, travel agent, credit card number, history of changes in the flight schedule, seat preferences, and other information. In the aftermath of the September 11 attacks, a new emergency political-law status of society was established: the continuous state of “war” against the so-called unlawful combatants of the “enemy”. Officially, the enemy is the terrorists, but the victims of the privacy invasions caused by the above new form of data processing are the civilians. The data processing based on biometrics is covered both by Directive 95/46 EC and Article 8 of the Convention on the Protection of Human Rights and Fundamental Freedoms (now the European Convention on Human Rights, “ECHR”). According to Article 2, Paragraph a of the above Directive, personal data shall mean any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural, or social identity

Multimodal biometric authentication based on voice, fingerprint and face recognition

openNew decison module to combine the score of voice, fingerprint and face recognition in a multimodal biometric system.New decison module to combine the score of voice, fingerprint and face recognition in a multimodal biometric system

Datafication genealogies beyond algorithmic fairness: making up racialised subjects

A growing scholarship has discussed how datafication is grounded on algorithmic discrimination. However, these debates only marginally address how racialised classification or race categories are enforced through quantification and neglect its political and historical conceptualisation. In this work, we argue that literature partially fails to show that datafication reinforces racial profiling beyond the creation of racial categories as features. This article casts a new light on datafication by retracing its genealogy focusing on identification procedures in the colony and at the border. Such a genealogy foregrounds how datafication enforces racialised profiles by showing that it is part of a longer historical trajectory of modes of racialising individuals beyond algorithms and racial categories. Building on archival material, it develops this argument through two case studies. First, it focuses on the study of datafication of colonised bodies through biometrics by Francis Galton during the 19th-century. Second, it takes into account police identification procedures about unauthorised migrants, enforced by the French police at the Italian border in the 20th-century. These two cases show that although race categories as variables have been historically used to translate individuals into data, datafication processes as such also produce racialised profiles. A genealogical approach highlights continuities as well as quantitative and qualitative shifts between analogue and digital datafication. The article concludes arguing that datafication mechanisms have historically enforced legal and political measures by states in the name of science and objectivity and debates around algorithmic fairness should bring this key aspect back to the core of their critiques

Integrating verification, testing, and learning for cryptographic protocols

International audienceThe verification of cryptographic protocol specifications is an active research topic and has received much attention from the formal verification community. By contrast, the black-box testing of actual implementations of protocols, which is, arguably, as important as verification for ensuring the correct functioning of protocols in the “real†world, is little studied. We propose an approach for checking secrecy and authenticity properties not only on protocol specifications, but also on black-box implementations. The approach is compositional and integrates ideas from verification, testing, and learning. It is illustrated on the Basic Access Control protocol implemented in biometric passports