Sunday, September 14, 2014

Are parental concerns with fingerprint biometrics 'techno panic'

Photo courtesy of Berkshireeagle.com
As North Adams School in Massachusetts plans to use fingerprint biometrics to improve lunch line efficiency, some parents are understandably concerned about how using a biometric system erodes their children's privacy.  Most of the articles on North Adams School adopting biometrics seek to reassure parents and readers that its not a database of fingerprints but just a number string.  The reality is that that number string is the biometric identifier derived from the fingerprint and that personal biometric, digital identifier is capable of being transferred across databases.

Here in the UK personal biometric identification used in schools has the potential to be accessed by the UK Police or other agencies, without the knowledge of the child or the parent.  I'm not sure if this is also the case in Massachusetts but it would be a question I would ask if I were a parent there.

In a FindBiometrics article "Massachusetts Lunch Lines Go Biometric Despite Parental Concerns" they state that:

"The parental outrage revolves around worries that the biometric templates used to authorize the buying of food will lead to the storage of a child’s physical characteristics. This is a common fear in large scale deployments of biometric technology, but in this case it doesn’t hold up. identiMetrics fingerprint scanners don’t store full fingerprints"

Erm... it does store a child's physical characteristics in a digital format, otherwise it wouldn't be a biometric system.

The article then goes on to quote the International Biometrics and Identification Association calling the recent ban of biometrics in schools in Florida as "techno panic". Well I guess they would.  The industry have business to loose if all states decided to ban the unproportionate use of biometric technology for a faster moving lunch line or improved credit control.

Also with four other schools in the area rolling out biometrics the iBerkshire.com reports that:

"Parents are informed of how the technology works and to give them the option not to participate — both of which North Adams as done, although some parents are saying they should have been asked permission first, not after the fact."

This inadequate version of somehow gaining assumed consent from parents, and those that do not consent by having to opt out, failed miserably here in the UK.  As a consequence legislation was brought in to gain clear, informed consent from both parents, also if the child does not consent this overrides the parent's consent.  This legislation, contained in the Protection of Freedoms Act 2012, was brought about after privacy groups and parents lobbied parliament from 2006-2010 with the law being applicable from September 2013.

And yes, biometric authentication can be used to track your child.  A child's digital transactions can build up a highly personal profile in school of what they eat, read, attendance, movement around a campus, revealing a very personal footprint of how a child's life is lead in the education system.  Any system is able to do this I suppose, like a swipe card or pin, but because a child's biometrics are easier to use, i.e. you can't loose a finger, this type of authenticating seems the simplest most efficient option for schools, employing the technology for a whole range of purposes.  Put plainly, it is profiling - but at what cost to the child's privacy?

Children today will, in all probability, need to authenticate themselves biometrically in future for travel (as we do now) banking, access to state benefits, pension, purchasing food and national ID.  This is happening in other countries.

A child's biometric identity needs absolutely not be compromised.  The only way to do this it to limit a child's exposure to the technology - not to participate in such biometric systems for mundane purposes in schools.

Monday, May 26, 2014

SIBA & Florida Gov signs legislation to ban biometrics in schools

Florida Gov Rick Scott
Florida Governor Rick Scott signed SB188 on May 12th 2014 which banned biometrics in schools. Groundbreaking legislation, the first of its kind globally.

This now sets a precedent for other like minded states to follow in the same vein.  Governor Scott signed the legislation, as a part of a number of measures to "prevent unnecessary collection of data from our students", to more free up Florida's commitment to the controversial Common Core education initiative.

In the meantime the newly formed Security Identity and Biometrics Association (SIBA), born out of Washington DC in February 2014 (coincidentally in the month the Florida legislature voted overwhelmingly in support of the biometric ban), is very keen to see a halt to schools banning biometrics.

So much so, they have devoted a sizable proportion of their website detailing how SIBA plans to  produce four Fact Sheets, under a promotion named KickStartto be aimed presumably at schools "to dispel myths; advance positive legislative solutions; report on school uses, successes and challenges; and support schools and their vendors seeking positive change for their communities" costing $2,500 each.  These facts sheets will be advertising the companies that sponsor the sheets.

I could write some fact sheets about biometric technology used by children in schools, with their use both in the UK and US over the past decade for considerably less money, that would be carefully referenced with facts, via citations.   So I await with baited breath to see what 'facts' these four Fact Sheets costing $10,000 will contain.  Hopefully the sheets will have independent, credible evidence to back up any facts made and I look forward to reading them - that is if SIBA publishes them on their website.

SIBA's drive to get schools on board is subtly said in a photograph on this page carrying the statement that "Schools need our help!", when in reality the education system is working absolutely fine without children authenticating themselves via a measurement of their body to eat, register or take a book from a library.

Do adults use biometric technology in order to eat?  No.  In fact there is distrust about biometrics in adult society and is there any wonder with this recent headline from Biometric Update "
Canadian academics, privacy groups issue statement against mass spying".  When data protection and privacy laws are not enforceable and general unease lies with biometric technology, why is there a drive to encourage children in schools to use their biometrics?  

Some might say that it is not in the government's interest to have schools ban biometrics when really their agenda is to soften the next generation to the technology, using a compliant environment to do so?

An upcoming event SIBA are having in June 2014 is "closed door" with two speakers, Alan Bersin, Acting Assistant Secretary for policy for the US Department of Homeland Security and Vice-president for the Americas Interpol and Bob Mocny, Director in the Office of Biometric Management, part of the  US Department of Homeland Security.  It is not boding well for transparency when one of SIBA's first events is 'closed door' and the speakers are from a US government department which is widely perceived as having largely eroded the privacy of the people of the United States.

I feel, for me and others concerned about the use of biometric technology with children, SIBA looks like a US government led organisation bent on promoting biometrics in schools, worried by the recent legislation passed in Florida.  I have asked SIBA how they are funded, who their members are and where and when they were conceived as this information is not on their website.

Openness and clarity from SIBA is vitally important on this so that we, as parents, are aware of who is driving the agenda for our children to authenticate themselves with biometric identifiers for day to day services in education...  I await SIBA's answer.

Friday, April 18, 2014

Florida bans biometrics in schools, and the industry's "emerging fight" against it

It has been interesting to follow the progress of the Florida legislature to ban schools from taking and processing children's biometrics, the process of which started late last year.  It will be the first time in the USA or worldwide that biometrics have been banned in schools, when Gov Rick Scott signs the bill.  Some have argued that the UK Protection of Freedoms Act 2012 should have gone this far but instead we have that schools can only process a child's biometric data with written parental consent.  However, how parents are fully informed to make that consent still leaves the process open to spin and ambiguity surrounding the technology and its capabilities.

In Florida three bills were filed dealing with Florida schools using biometrics, during September and October 2013. With one, SB188 relating to education data privacy, being passed on April 11 2014. It reads (see lines 49-66):

(1) An agency or institution as defined in s.1002.22(1) may not:
(a) Collect, obtain, or retain information on the political affiliation, voting history, religious affiliation, or biometric information of a student or a parent or sibling of the student 

The bill passed by 113 Yeas to 1 Nay

This news has been met by the biometric industry in the United States with fears it may lead to other states approving similar bills.  There are already laws in other states concerning parental consent for schools to use biometric technology but SB188 goes one step further, by banning it.

Many experts, privacy organisations and others have aired concerns over children using their biometrics in school for a variety of reasons:
     - Security of data - What does a child do if their biometric data is compromised?  How and when would that become apparent?  Leaps and bounds in technology cannot possibly foresee how this could play out in the decades to come.
     - The personal information that is held against the biometric - Reading or eating habits, who views that?
     - The sharing of biometric data and personal data stored against it - Government agencies now routinely take biometric data and upload it to other databases.
     - The subtle psychological message using this technology gives to children, that to gain access to books/knowledge, food/money, normalises the use of biometrics for mundane yet essential activities.   

Janet Kephart of the Secure Identity and Biometrics Association (SIBA), set up in February 2014, states that one of four biggest challenges of 2014 is to help clear the air in "a newly emerging fight in state legislatures whereby there is a push to ban biometrics in public schools".  

Kephart claims that, "Biometric technologies do not store identities; they store templates".  Surely template/s based on a particular person are designed to identify said person, otherwise how would the system work?  Then the next statement contradicts her earlier statement by saying, "To further assure privacy, names are kept separate from the biometric templates, encrypted, and not directly linked with the biometric data".  Yes, so they are linked then but encrypted.  Indeed, one might liken this to doublespeak?

She then, unsurprisingly, states the usual line to be seen and heard in the spiel dished out to schools in the USA and UK by biometric vendors, "...the outline of fingerprints aren’t stored like an image – they’re turned into a set of series of numbers that can’t be reverse engineered."  Yes, a set of numbers that is digitally transferable between databases.

With regards to Florida banning biometrics in schools (with SIBA only being set up two months earlier with a view to, "educate folks about the reality of biometrics, bridging the gap between Washington and the industry" , maybe SIBA was set up because of SB188?) Janet Kephart states:

Nobody in Florida decided to do due diligence on this... [presumably she has proof of this allegation]  No one clearly went out and asked how biometric technology actually works … nobody asked the question. It was just basic public servant due diligence that they didn’t do and there’s really no excuse for that.”

Just a minute... where was the "due diligence" of the biometric industry from 2001 onwards effectively testing biometric technology on children by fingerprinting 4 year olds to get a library book out, using infrared palm scanners trialled on primary school children in 2006 so they could eat, iris scanning children for lunch lines in 2007, facial scanning kids in 2010 to stop them from turning up to school late, voice biometric planned in 2007 for students, and (partly what prompted SB188) a Florida school district iris scanning 700+ children to travel on a bus?  All without parental consent or appropiate discussion, hence the legislation in the US States and the UK.

And SIBA want to talk about due diligence?   An apology would be more fitting.

Let's tell it how it really is.  In this article is an astonishing, yet bluntly open, account of why Saudi Arabia are introducing biometrics in schools, explaining below the exact reasons for biometrics and CCTV.  Surveillance.  It is a "form of supervision", to" install a sense of discipline", to "track children", to make them "respect regulations" and gain "better productivity".  At least there is some honesty here, more than we have had from the biometric industry and government on this issue in the US and UK for the past decade.

Kevin Townsend, original founder of ITsecurity.com, puts it most succinctly in his March 2014 article - Why we must keep biometrics out of schools - definitely worth a read.

Sunday, March 30, 2014

Swalecliffe Primary running out childrens biometrics for catering, registration, library and printing - caterer supplies the biometric system

After a few years of biometric vendors steering clear of selling biometrics to primary schools (it seemed that 'fingerprinting' younger children was less palatable that older children), Swalecliffe Community Primary School have decided to role out biometric technology so the children there can eat lunch and potentially print documents, log their registration and take library books out.

After sending Swalecliffe a Freedom of Information request, it turns out that surprisingly the system was not paid for by the school, instead the generous catering company GS Plus (the school caterers) are providing the system.  Which begs the question - who is the data controller?  Who exactly is processing the children's biometric data - the catering company or the school?  Seemingly also the biometric software the caterer is providing also will be used for registration... so is the catering company branching out into registration or is another company providing that?


The school did not effectively communicate to parents that the child had the right to refuse this, instead flanneling the issue up in an "e [electronic?] safety" discussion within school.  The template Department of Education letters (see page 14) do not advise this.  In their template letters this is communicated unambiguously to the parents in writing.


As always biometrics are used as a solution to a problem, and indeed the technology is effective at authenticating users, but the efficiencies come with the system not the authentication process.

The school justifying the introduction of biometrics by apparently "ensuing greater" safeguarding is an emotive, and I find a slightly distasteful, use of language (unless the school really did have child safety issues?).  Unfortunately "safeguarding" is a word that is overused to the point of almost dangerous dilution of the meaning of it, especially when it is used to effectively 'sell' a system to parents.  Other less invasive, proportional identification processes can be used to ensure equal safety of children - especially with young children, whose biometric data had to be ubersecure, and not compromised at their early age.


See my comments in red below.  Another Freedom of Information request will be sent to the school as this throws up more questions (as is often the case) to gain clarity of how who has access to the children's biometric data, i.e. who is the data controller, what companies are involved and who is ultimately actually paying for this?

I can't really imagine the caterer is paying for this altruistically... (?)  I'm sure the tax payer will be propping this up.  Commercial companies do not survive by 'gifting' computer hardware/software to schools.  The cost will be obviously worked into the price of the contract or meals.



24 Jan 2014


Dear Swalecliffe Community Primary School,

Under the Freedom of Information Act please could you supply the following information within 20 working days.

As per the article

http://www.canterburytimes.co.uk/School-swaps-ditches-dinner-money-woes-hi-tech/story-20343882-detail/story.html#ixzz2o2awFg5z


1) In the above article it is quoted that the biometric system
would “save the school essential funds”. Please advise:
i) how this would save the school essential funds

Swalecliffe Answer: As a school we are responsible for any debt accrued by parents not paying for the meals their children have. This is part of any school’s meals contract. 
In addition we require an admin assistant to manage the monies coming into school, sending the debt letters, checking the registers and then making phone calls to parents who still haven’t paid their debt. In total this amounts to approximately 15 hours per week of school admin time. This does include the time of the contractor’s cash collector which obviously impacts on the meal prices.



ii) the amount of funds estimated to be saved per year.


Swalecliffe Answer: Admin costs: £7,098 per annum
Debt costs: £1,200 per year on average each year since 2009 (although these costs have been increasing with a debt of £1,300 from September 2013 – December 2014)



33 weeks x 15 hours a week = 495 hours
£7098 divided by 495 = £14.33 per hour (incl physical expenses i.e. letters)
Will a member of staff loose 15 hours a week from their employment i.e. will someone be financially worse off?


iii) the cost benefit analysis done showing savings to the school.




Swalecliffe Answer: As above



2) Please advise the cost of the biometric system

Swalecliffe Answer: The details of this are not transparent to the school because the system is being provided by the school caterers with no costs incurred by the school 


Nice.  Just a thought but perhaps the school caterer could have subsidised the debt incurred by the missed payments rather that incur more debt by providing a biometric authentication system?    


So then who is the data controller then and who has access to the children's biometrics?



3) Please advise any ongoing licensing or maintenance costs

Swalecliffe Answer: There are no specific costs linked to the biometric system and cashless catering for schools. However as the software is now in school we have decided to upgraded our registration system, combining the two together to make morning registration more efficient and ensure even greater health and safety and safeguarding procedures within the school. This has cost the school £480 per annum but will also save us £48 per annum as we wont be using other software we currently purchase. 


How can biometric technology ensure *more* health and safety.  I'd have thought the hygiene of the scanners having hundreds of fingerprints on them (not to mention the added expense of wiping them clean) would have created a health risk.  Safeguarding... how many issues have the school had with 'safeguarding procedure' at registration time to justify a biometric registration system?



4) Please supply the documents sent to parents for meetings and
letters sent about the biometric system, including letters sent regarding parental consent.

Swalecliffe Answer: Please find attached [documents need to be provided externally]


Another post on this topic is warranted as the Head Teacher's comments regarding the alternative identification offered is unorthodox and not a response I've seen before.



5) Please show how the school communicated to the students that
they had a right to refuse to use the biometric system.

Swalecliffe Answer: The system was shared and talked about in an assembly and by the class teachers as part of our e safety and ICT day in school. The children were asked to talk about it at home and decide with their parents what was right for them. During the actual process of registering for biometrics the staff were very careful to ensure that if any child was worried or anxious that they stopped and spoke to the parents before taking the reading. This only occurred with one child who has a specific learning difficulty and Asperger’s Syndrome. The children were very excited about the process. 



6) Please advise what the “right information” was given by the
school to parents who had concerns about the system

Swalecliffe Answer: Please see the documents sent to parents. Following our information sessions and our drop ins we collated the most frequently asked questions and shared them with the whole parent body.

Again I will deal with this in another post, details given were inaccurate - details to follow.  Suffice to say I will point this out to the school ASAP so they have the opportunity to the rectify information given to parents. 


7) How many parents consented to their children’s biometrics to be
processed by the school?



Swalecliffe Answer: There are 649 children on roll.
578 children are able to use the system 
535 have permission for biometrics (82% of the children)


82% efficiency for a biometric system?  What if other procedures in schools were only 82% efficient? - that would not be acceptable.  I don't think that's a great endorsement of the system. 


8) How many parents refused for their children to use the biometric system?




Swalecliffe Answer: 13 families have refused to allow their children to use the system 
However 11 of these do not use the catering facility and their children do not have school meals. 
Only 3 of these families attended the consultations evening, the information evening or the drop in sessions. 



9) How many consent forms were not filled in by parents?




Swalecliffe Answer: 41 have not completed any forms but all of these are families who do not have school meals 



10) How many children refused to participate with the biometric system?

Swalecliffe Answer: We had one child who was distressed by the process but they have a specific learning need and anything unusual is challenging for them. We also had one family who communicated that they were discussing the options with their child and would like their child’s opinions to be seriously considered in their decisions.