IDs can be hacked, biometric database authority reveals

Admission seen by some as validating claim that the biometric database project could result in an invasion of citizens’ privacy.

By YONAH JEREMY BOB
A person uses a sensor for biometric identification on a smartphone in Berlin (photo credit: REUTERS)
A person uses a sensor for biometric identification on a smartphone in Berlin
(photo credit: REUTERS)
A representative of the Biometric Database Management Authority admitted on Tuesday that its identity card database is not secure, acknowledging the potential for database breaches during a debate on the issue in the Knesset Constitution, Law and Justice Committee.
The Movement for Digital Rights slammed the admission by Naama Ben Zvi Riblis, a lawyer for the authority, saying it validated the group’s claim that the biometric database project could result in an invasion of citizens’ privacy.
“At this meeting, they put the truth on the table for the first time [as the authority] said on the record that the working assumption was that the entire biometric database would be hacked… Now we are not the only ones who are saying this… So why do we need this? Why take the risk?” said the NGO’s lawyer, Yehonatan Kleigar.
Asked about the admission that the database could be hacked, Committee chairman Nissan Slomiansky’s spokesman said he did not remember the authority saying that, but that even if it did he “had no position” on whether it should impact furthering the biometric project.
Committee spokesman Shimon Malka said the authority confirmed that, “No one will sign an insurance form that the database will never be hacked,” but claimed that the NGO had taken the statement out of context.
The meeting took place against the backdrop of Interior Minister Arye Deri’s wish to extend the controversial biometric database program for nine months.
The pilot program intended to eventually replace the current picture-ID system began in June 2013 and expired after two years. Former interior minister Silvan Shalom extended it for nine months until the end of March.
Slomiansky summarized the hearing as agreeing that the biometric IDs were a positive development, but with a debate about whether to continue the database.
Ben Zvi Riblis, however, said the database should be continued, but narrowed to contain only facial recognition data rather than fingerprints.
The head of the authority, Jon Kamni, said 935,000 Israelis have voluntarily joined the national database and that 1.5 million digital identity cards and passports have been issued.
Many of the Knesset committee members opposed continuing the database, with Yael German (Yesh Atid) questioning whether there were ulterior motivations for maintaining it.
Also, State Comptroller Joseph Shapira severely criticized the biometric database in his June report on the issue.
The Knesset authorized the biometric ID pilot project in 2009 in response to a surge in forged identity cards and identity theft. In addition, Israel is the OECD country with the most counterfeited passports.