A person uses a sensor for biometric identification on a smartphone in Berlin.
(photo credit: REUTERS)
In a long-awaited hearing on Monday, the High Court of Justice pressed the government hard about why it could not switch the citizenry over to smart-card passports without the need for the controversial biometric database.
Justice Isaac Amit said quite plainly to the state that there was no question that the biometric database “harms privacy,” so “why do we even need it?”
The Biometric Database Law was passed by a 39 to 29 vote on February 27, 2017 to increase certain economic and electronic efficiencies and make it harder to perpetrate identity theft. The state says that the database is needed to maximize identity theft protection. But it came after years of controversy dating back to 2009, and several adjustments to address criticisms.
While the NGO Digital Rights Movement has praised the changes as mitigating some of the privacy and security violations, it filed the current petition stating that the database itself was still unconstitutional and dangerous, and that biometric smart-cards can continue, but with no database.
Until now, to get a “smart” biometric card, a person was required to give the national biometric database access to personal facial recognition and fingerprinting data.
As of June 1, 2017, those getting smart cards can join without having to enter their fingerprints into the database.
Fingerprints for those under the age of 16 are not included in the database.
The police cannot use the database for law enforcement purposes until the Knesset approves related regulations on the issue.
A court approval will be needed before fingerprints in the database can be used for law enforcement purposes.
Those objecting will still have their fingerprints and facial recognition picture taken, but it will only be connected to their smart-card, not placed in the database. As a penalty of sorts, they would need to renew their ID cards every five years instead of every 10.
The Government’s cyber chief will be entrusted with reviewing the database every 18 months, instead of every two years, to see if there is a new alternative to fingerprinting for identification.
From the start, there has been heated debate about privacy rights and whether a database exposes citizens to new kinds of identity and personal information theft, in an age when cyberhacking seems unstoppable.
Digital Rights Movement’s petition said the database, “caused great harm to Israeli democracy” and that, “we all go onto the blacklist of potential suspects. The rule in our democracy until now has been very simple: if you did not break a law, you do not go on the suspects’ list... But from this moment… everyone changes into a suspect… and this must be annulled.”
The justices seemed concerned that citizens did not have a choice about whether to join the database or not – and when the state said that the change was part of the inevitable wave of technological change, Justice Neal Hendel responded that, “to say it’s the new thing is not always convincing.” He added that other new technologies have moved ahead too fast and caused damage.
At the same time, the court pressed the petitioners, noting that to date, the nightmare scenarios of widespread violations of privacy stemming from the database have not transpired.
Also, they noted that much of the information in the biometric database is already collected by the state or the army in other platforms.
Before the court rules on the broader issue, the sides were ordered to respond within the next 30 days as to whether the state could present classified evidence to the court, without the petitioners present.