Under Watch: Government Seeking Clear Path for Biometrics Data Use
Magnuson, Stew, National Defense
* The technology has arrived. The science of biometrics, the identification of a person through his or her physical characteristics, made great strides in the aftermath of 9/11.
Retina scans, voice imprints, 10-fingerprint readers have all benefited from digital technology, and are being used today, a panel of government experts said.
How to manage this information, protect the privacy of citizens and share information across federal agencies that have different regulations and reasons for collecting this data is the hard part, they added.
"There is a lot of gray areas and unknown space as we move ahead," Ben Riley, director of the Rapid Reaction Technology Office in the Defense Department, said at a Center for Strategic and International studies panel discussion.
Biometrics is the science. What to do with all the data is referred to as "identity management."
The policies, laws and regulations, however, are lagging.
And it's a technology that makes some members of the public squeamish.
There are laws on the books regulating what kind of data the government can collect from its citizens. But the last major piece of legislation spelling out these rules passed in 1974.
In a foreign battle zone where armed forces encounter non-U.S. citizens, a soldier may have great leeway in collecting data such as fingerprints from captured enemies, suspected insurgents or those seeking employment on a forward operating base. The goal in this scenario is simple: classify people as "friends," "enemies" or "neutrals," said Tom Dee, director of defense biometrics at the Defense Department.
"For non-U.S. citizens, it's really fuzzy on what we have to do," said Dee. There is no such thing as a global privacy act. There are only bilateral agreements.
When a person presents himself at a checkpoint in Afghanistan, for example, he could be anyone from a "known or suspected terrorist" to a CIA official with a high level security clearance.
As far as the military is concerned, "the more data you have, the better off you are" in making the decision to let that person pass the checkpoint or not, he added.
If someone is classified as an "enemy," or has potential ties to terrorism, ideally, the Defense Department should be able to pass the name of the suspect on to the Department of Homeland Security where immigration officers can call up his biometric information should he attempt to enter the United States.
The Defense Department has made the Rapid Reaction Technology Office the lead in ensuring all the services are on the same page as far as sharing biometric data within the military community. Since it is a relatively new technology, officials hope they can avoid the pitfalls of the past when "stove-piped" information systems were created that did not allow different users to share critical information in a timely and efficient manner.
But when and how can the Defense Department share what it knows with other agencies?
DHS, for example, has strict privacy laws. The department is under no obligation to extend privacy protection to non-U.S. citizens when it collects data of passengers traveling between nations, but does so anyway in the name of smoothing over relations with allies, said Patricia Cogswell, associate director of DHS' office of policy.
DHS and the European Union have tussled in the past over what kind of passenger data can be collected.
The department is on the forefront of the issue because its officers are often the ones the public interacts with the most, she said.
Dee agreed that the challenges of biometrics are now "less and less technical and more and more policy."
There are many presidential directives demanding that agencies share information seamlessly, said Peter Swire, an Ohio State University law professor and senior fellow at the Center for American Progress. …