In the coming weeks the Israeli parliament, the Knesset, will once again consider the next stage in the establishment of a national biometric database. The process involves a formal recommendation by the minister of foreign affairs, another vote by the ministerial Committee for Biometric Affairs and the Knesset’s Committee for Science and Technology, leading to a vote in the Knesset, all of which will take place very rapidly. This will mark the end of a two-year period, during which a pilot program was to examine the utility and function of the type of biometric database requested by the Israeli Ministry of the Interior, ultimately addressing the question of whether one was needed. The pilot program, which the government initiated after members of the public and concerned professionals demanded further research, has failed to accomplish its brief, producing no justification for the establishment of such a database. Nonetheless, the Biometric Authority established jointly by the office of the prime minister and the Ministry of the Interior in 2013 continues to press for approval of a “universal” database that would store information on every Israeli citizen.
(Photo by Tomer Appelbaum)
Furthermore, the infrastructure needed by such a database is already in place, and recently the head of the Ministry of Science, Technology and Space announced the intention to erect, in parallel with the universal database, a governmental genetic database. (The announcement was given at the IATI [Israeli Technology Industries] Biomed 2015 conference, and was reported by Gali Weinreb in the Israeli economics magazine Globes, 18 May 2015: http://www.globes.co.il/news/article.aspx?did=1001037487.) According to the Biometric Database Law (2009), the biometric database will be made available to police forces, military police, the Israel Security Agency (Shin Bet), the Israel Secret Intelligence Service (Mossad), and the Ministry of the Interior. Tellingly, biometric data from members of the security and secret services will not be included in the database (as reported by Dror Globerman for the blog Nexter, 2 Mar. 2014: http://www.mako.co.il/nexter-internet/security/Article-d4d1bd0684b2441006.htm).
The short report below is based on a recent position paper by a group of experts in Israel, under the supervision of the Digital Rights Movement (“An Analysis of the Concluding Pilot Report, by the Biometric Authority,” first draft, 15 June 2015,http://www.digitalrights.org.il/files/reports/DRM_report.pdf. Edited by Zvi Devir). The position paper commented on the recent “Concluding Report” submitted by the Bioemtric Authority to the government, in an attempt to finalize the legislation of the database, alongside the shift to biometric smart ID cards (The Biometric Database Management Authority, “A Concluding Report,” signed by the director of the Authority, MR. Gon Kameni, 23 Feb. 2015, http://www.biodb.gov.il/publications/Pages/Periodic-report.aspx). The position paper was submitted to the Israeli state comptroller on 15 June 2015. It will be submitted to the Knesset, as part of a final, concentrated effort to present to legislators what the Biometric Authority and the government were trying to hide from them. The material for this report includes more than seventy pages detailing basic problems with the biometric pilot project, which included intentional violations of civil rights and a vague attempt to prepare the database for future use by the security forces. The bottom line for the investigation is that the Biometric Authority and its representatives made every possible effort to silence criticism and hide results that did not fit their end goal or the public image they wished to promote. The conclusions of the report—though not couched in theoretical terms—are very similar to those of the article published in Critical Inquiry 41 (Summer 2015), titled “Biometrics, or the Power of the Radical Center,” http://www.jstor.org/stable/full/10.1086/681788.
As the authors contend in the opening to their “An Analysis of the Concluding Pilot Report,” “The Biometric Authority did not comply with its brief and did not conduct a transparent and authentic ‘pilot’ program, as required by the court; it did not carry out the research needed to establish the need for a biometric database, nor did it search for alternatives.” Two paragraphs after this harsh assessment of the authority’s negligence, the authors offer further criticisms that imply a degree of calculation in that negligence: “The way the authorities treated critics of the database was undemocratic and unreasonable. Instead of opening lines to a productive dialogue, which would have assuaged some of the concerns of their opponents . . . the authorities chose to slander critics and ignore those with opinions differing from their own, electing not to learn from those with outstanding professional qualifications” (“Analysis of the Concluding Pilot Report,” p. 1).
I do not intend, in this short update, to explore the function, theory, and possible results of the biometric database. The article in the summer issue of CI does all that. But I do want to emphasize a few details, chief among them some recent developments. I also hope to show that the current debate about the database proves once again how far the radical center is willing to go— sacrificing norms, proper constitutional conduct, and finally security itself—to eliminate objections, professional and ideological, from left and right.
The position paper that the group of experts submitted opens by tracing the experience of the past two years. They mention the series of public protests; appeals to the supreme court; critical assessments published on websites, in public letters, and in professional articles, all of which attacked the basic assumption of the government—represented by the minister of foreign affairs at the time, Meir Sheetrit—that a biometric database was needed on top of smart IDs. As countless experts tried to explain to government representatives, the information on biometric identification cards is based on algorithms that codify biological identifiers, and that encrypt the information in a way that makes it extremely hard to reproduce, copy, or forge the information. Nevertheless, Sheetrit, and the Biometric Authority he established, insisted on ignoring such interventions and kept promoting a view that identified smart or biometric identification cards with a biometric database, and waived the larger part of the encryption capability (that protects privacy) in favor of a simpler, universal system.
In stark contrast to the claims of the Biometric Authority, which insisted that “many states . . . have established, during the past few years, biometric databases for both national identification cards and passports, as well as for drivers licenses” (“Concluding Report,” chap. 3.8), not a single country has created the type of database the Israeli government is attempting to establish; the Israeli database is meant to enable, say, a police officer or a border patrol officer to identify an individual rather than to merely verify an individual’s identity. For that reason, the Israeli database is the only one that includes actual biological information, rather than encrypted information meant for the purpose of verification alone. Even Portugal, the only Western state to have established a biometric database, encrypts all its information and reduces its activity to just one of the two options. In short, the Israeli authority is attempting to create an unprecedented biometric database that violates basic constitutional rights and denies that it does so. Furthermore, as internal discussions during the early legislation process demonstrated (see the article in CI for details), the exceptionally wide infrastructure of the database seems to surpass the regular and reduced function of similar databases in favor of a stated, albeit vague, “security” examination. When the state comptroller asked the Biometric Authority for records of the discussion addressing its basic task and general aims, the answer he received was: “The documents could not be found” (“Analysis of the Concluding Pilot Report,” p. 20).
(Photo by Bloomberg)
Imprecise or wrong information was offered in response to arguments concerning the system’s vulnerability. For example, in contrast to the formal claim according to which the system is physically separated from other systems (“Air Gap,” ensuring a full separation from the public internet or any local area network; see https://en.wikipedia.org/wiki/Air_gap_(networking)) and therefore protected from infiltrations of all kinds and sharing of information, a quick search shows that the separation is only one of networks, and that civilian and commercial companies (the Israeli phone service “Bezek” for example) control it (“Analysis of the Concluding Pilot Report,” p. iv). Due to an emphasis on “security” for both military and police purposes, a large number of agencies and official offices are expected to use the database; this expectation undermines any possibility of protecting the information to begin with.
The two-year term of the pilot project is scheduled to end in June 2015. At that time, the Israeli government will be asked to approve the activation of the fully functional national database. During the past few months a series of private and public bodies have criticized one of the basic assumptions regarding the database. The legal advisor to the Committee for Biometric Affairs itself chimed in, pointing out that the creation of biometric identification cards does not necessitate the establishment of a database (“Analysis of the Concluding Pilot Report,” p. 3). Even the advisory committee that was established in June 2013 to assess the progress of the pilot program criticized its activities, pointing out that no effort had been made to compare the proposed system with any other comparable system abroad (“Analysis of the Concluding Pilot Report,” p. 5). For reasons never disclosed, publication of the state comptroller’s report was postponed by the Biometric Authority and the minister of foreign affairs. This drove the state comptroller—usually considered to be a convenience-appointment for Prime Minister Netanyahu—to announce that the authority’s own report was “full of substantial gaps” and to ask the government to postpone the legislative process (Ilan Lior, “The State Comptroller Warms from ‘Substantial Gaps’ in the Biometric Database; asks to Postpone the Legislation,” Haaretz 15 Apr. 2015, http://www.haaretz.co.il/news/education/1.2614722).
The list of critics did not end there. A special report by Shin Bet criticized the authority’s failure to secure the information; it mentioned that the pilot program had taken its database live after a security supervisor resigned and six months before hiring the security officer whose duty it was to protect the system from hackers. Furthermore, the Law, Information and Technology Authority within the ministry of Justice criticized the repeated failures of the Bioemtric Authority to answer the criteria detailed in the Privacy Law of 1981 (“Analysis of the Concluding Pilot Report, p. 7).
The Biometric Authority aggressively took on its critics, accusing the state comptroller of “issuing a report without consulting the relevant bodies” and arguing at the same time that “all of the state comptroller’s complaints were addressed to his full satisfaction” (“Concluding Report,” p. 42). At the same time, the authority refused to make public both the report it had sent to the comptroller’s office and the comptroller’s response; nor has it explained why an official whose complaints had been fully addressed felt it necessary to air those misgivings in a dramatic announcement to the media. The authors of the position paper declared that not only had the Biometric Authority “failed to comply with the agreed-upon timeline,” but its numerous failures were “concealed from the public and the severity of the failures was concealed from the supervising bodies” (“Analysis of the Concluding Pilot Report, p. 45).
All of this demonstrates the need to oppose the recent extension of power by ideologues of a digital “soft control,” democratic political centrism, and efficiency. Those who would grow executive power do not seem to mind rolling back public oversight, and give little thought to the individual’s own rights over his or her body. If Israel’s biometric database is approved in June 2015, it will become the largest, most comprehensive database in the world. Well after Michel Foucault offered his comments on the growth of a panoptic state, two centuries of criminal research will yield a network devoted to tracing an entire population’s movements and actions in the public sphere.
Epilogue: on 22 June 2015—a week after the submission of the position paper (“Analysis of the Concluding Pilot Report”)—the state comptroller announced that the full and harsh report about the biometric pilot program is expected later during the day (Ilan Lior, “The State Comptroller’s Report about the Biometric Database: ‘The Data is Not Enough to Determine if it is Needed,’” http://www.haaretz.co.il/news/mevaker/1.2667068). The minister of internal affairs, Silvan Shalom, announced immediately the extension of the pilot program until March 2016 (Ilan Lior, “Hours Before the Publication of the State Comptroller’s Report Silvan Shalom Announced the Extension of the Pilot Period,” http://www.haaretz.co.il/news/education/1.2666631).
The news of the delay is undoubtedly positive for critics of the database and of the surveillance state, but the expectation is that once this period has ended, it will be confirmed in its current—if somewhat more secured—form.
Nitzan Lebovic is an Assistant Professor of History at Lehigh University.