Outlook: The Perils of Biometrics

One day in the not too distant future, a traffic cop will know your name by the time he reaches your car window thanks to devices at intersections that will scan your face and iris. He'll hand you a nanoblotter to lick, slip it into a gizmo that will read your DNA and other biometric information that will tell him whether you've had enough sleep, whether your retinal implants are past their warranty and whether your car is overdue for a tuneup.

The only part of this scenario that is science fiction, says technology futurist Paul Saffo in an article in Sunday's Outlook section, is the notion that these biometric ID techniques will make us or our personal information secure. Anything -- DNA, iris patterns, fingerprints -- that can be detected and recognized from a database can be hacked, copied and stolen. Instead of providing solutions to problems of identity theft, these biometric techniques offer new challenges that we need to face.

Saffo, a director of the Institute for the Future, a Silicon Valley-based think tank and forecasting organization, discussed his article, A Trail of DNA and Data, on Monday, April 4, at 1 p.m. ET.

The transcript follows.

Editor's Note: Washingtonpost.com moderators retain editorial control over Live Online discussions and choose the most relevant questions for guests and hosts; guests and hosts can decline to answer questions.

_____________

Paul Saffo: My apologies for the late arrival -- forgot to look at my watch!

_______________________

Boston, Mass.: Isn't DNA based profiling the ultimate form of discrimiation? After all, it is the source of gender, racial differences, disease, most of the differences given legal protection against discrimination today.

I think that the Congress will have to, and should, pass laws prohibiting the use of DNA information for any decision making -- by the government, or by insurance companies, etc.

What is the status of this in Congress?

Paul Saffo: DNA-based profiling is certainly the most potent way to peer into privacy that I can imagine. And will have lots of surprises. for example, I think we will all discover that no one is perfect -- and that we are all a member of one genetic underclass or another.

_______________________

Arlington, Va.: What limits would you like to see put in place regarding personal DNA information?

Paul Saffo: You have succinctly stated the single most important question that we as a society need to consider. I think the conversation must begin with the assumption that we will collect DNA, and that the focus must be on security of that information, and permissible uses. But it gets very tricky very fast -- consider the matter of jurisdictional control for starters

_______________________

Virginia: Correct me if I am wrong, but it seems that you are asking us to fix problems with technology that do not even exist yet. Isn't this putting the cart before the horse?

Paul Saffo: Correct that it is anticipating, but if one doesn't plan in aadvance, it is harder to fix things after the fact.

_______________________

Anonymous: How far away do you truly believe we are from the sort of science-fiction-like reality you wrote about?

Paul Saffo: Well, most of the pieces are here today. The uncertainty is how long it will take to integrate the pieces together into a single system. I am most sorried about how commercial interests could accelerate this more quickly than bgovernmental interests. for ex, consider the credit rating business... the commercial firms set the system up, collected the data and created the marketplace. Then it was a simple matter for the govt to come in and purchase the data they needed for their databases...

_______________________

Washington, D.C.: What exactly does the Institute for the Future do?

Paul Saffo: We are a 36 year old not-for-profit research foundation. Our basic mission is to convince stakeholders public and private that it is in their interest to think systematically about the long-term future because it will lead to wiser decisions in the present. Our clients include a mix of businesses, private foundations and some govt agencies.

_______________________

Washington, D.C.: I enjoyed your article, particularly its conclusions. Biometrics is an enabling technology, not a solution in and of itself. Your article pointed out that the focus should instead be on policy and the end-to-end systems that enable policy. I agree; however, there is an underlying, core issue at stake which should be examined that is only indirectly related to policy or technology -- the notion of "identity" must be distinguished from the notions or privelege, benefit, or authority. Without the latter, an "identity" is essentially useless -- proving that you are who you say you are accomplishes nothing. If you accept that arguement, then it is possible to accommodate the view that a person can have an "anonymous" identity that is linked to privilege, et cetera but not necessarily to privacy-infringing data like SSN, name, DOB, address, etc. Identities, in other words, have integrity and usefulness only within the limits of the application space that accepts applicants, guarantees their uniqueness, and issues and manages privileges, benefits, authorities, etc. David Chaum raised these issues succinctly more than a decade ago.

Paul Saffo: Great point! I really like the notion of separating identity from the information. The hitch is that it has to be architected in advance and designers/decision-makers can selfishly do otherwise. For ex, the RFID-based toll systems (called "FastPass" out here) could have been designed to give drivers anonymity when paying for trips. But... the designers instead designed the system so it explicitly captures the identity of the car every time.

_______________________

Washington, D.C.: Thanks for a fascinating look into our possible near-future. To what extent do you think those who refuse to give up personal data -- whether in the form of a SSN, iris scan, or DNA sequence -- will be shut out from the benefits of an increasingly technology-dependent society? I am very reluctant to register with Web sites, for fear of what may happen with the data I submit. However, without a willingness to register, I can't use otherwise excellent resources such as Amazon.com, iTunes, washingtonpost.com, and many others. Do you see this problem getting worse over the next 20 years? If so, what can a privacy-loving person do?

Paul Saffo: Exctly! Just like anyone refusing to show identity at the airport can no longer fly. It is entirely "optional and voluntary," but you can't go anywhere unless you comply. Even less extreme examples are abundant. Consider frequent shopper cards. One need not join, but the price of being a non-member is that one loses the benefit of the discount, which as these cards become ubiquitous is really not a discount but merely the rgular price. Thus non-members really do pay a tax for non-membership

_______________________

Fairfax, Va.: What is the likely Technology that will be used in US Passports, Fingerprint, or other?

Paul Saffo: This is in open dabate now. The Feds wanted to use RFID chips (in essence tiny radio transceivers that broadcast a serial number when energized by a polling transmitter). RFID is terrific technology, but critics have pointed out a variety of weaknesses, not the least being the possibility of someone detecting US citizens abroad by sweeping a space with an RFID reader. It isn't quite as simple as they fear, but the issue is a real one.
Personally, I would prefer to stick with a number-identifier that then accesses a secure database containing more personal info. that way, if the underlying number is compromised, it can be changed.

_______________________

Lima, Ohio: It's clear science (and law) will be able to "read" DNA for identification purposes before there will be useful scientific/medical applications for the information. Where do you see the first successful application of something like gene-editing?

Paul Saffo: Interesting point, though my friends in the genomics/pharmaceutical industry would argue that they are already using the info.
By "gene-editing," do you mean someone actually changing their genome, like folks once trying to change their fingerprints with acid? If so, then germ-line therapies is the place to start, as it in theory not only changes the subjects genome, but also passes the changes on to their offspring.

_______________________

Paul Saffo: More on Passports... I note that we have an example of a remarkable reliable and secure system today: Bank ATMs. Has anyone ever heard of a bank ATM making a mistake, either giving out too much or too llittle money? And break-ins of customer accounts has been remarkable small. Except for people falling for phoney ATM readers, there have been amazingly few problems.

_______________________

Paul Saffo: If anyone has any more questions --or comments (no need to pretend it is a question!-- I am happy to respond. Otherwise, it is been a pleasure to hang with you all.

_______________________

Washington, D.C.: I'll re-enter this discussion to make one more point about anonymous identification: An application for membership in a system that offers benefits (such as the loyalty card example you raised) always requires the applicant to disclose data about him- or herself -- a quid pro quo is always a component of such transactions because the grantor MUST obtain value a value for giving one, otherwise, the system would quickly go bankrupt (or become publicly-funded). The issue is whether the applicant is given full disclosure over the limits and purposes to which the disclosed personal data is exposed. An aspect of your suggested policy-legislation-technology approach, therefore, is the fundamental requirement that these purposes be made explicit and that the integrity of the data is maintained strictly for the limited purposes described in the disclosure TO WHICH THE APPLICANT AGREES. I see no other way to enforce this rule other than by legislative caveat linked to strict penalties for wrongful use or exposure of the data. Existing privacy law is probably sufficient -- it is only necessary to link these laws to the application disclosure process and the implicit contract created thereby between the applicant and privilege/benefit grantor. Do you agree?

Paul Saffo: Well-stated! I'd only add "informed agreement" as the average consumer probably has no idea how potent a seemingly-innocuous bit of information can be.
And I am always amazed by our individual gullibility. Witness the recent exercise where researchers offered free gifts (I think a candy sample) to folks approached at a subway stop and asked for their social security number. It was breathtaking how people were willing to give up their number.

_______________________

Oakland, Calif.: On one hand, I think our current federal government is evil and it's power should be restricted. On the other hand, I recognize that personal liberty, especially the liberty of women, is often constrained by fear of violent crime -- so, government intrusion that reduces violent crime increases our freedom. For example, fear of pedophiles has caused many Americans to limit their children's explorations. How can we balance the liberty interests of personal safety vs government intervention?

Paul Saffo: Evil occurs because good people do nothing. There is no substitute for an informed and active public that takes the time to understand the issues and the choices they present.

And this is becoming more poignant as the power of our technologies increase. For ex, Sandia Labs just proudly put out a press release where they propose to coopt smartmob networks to find terrorists -- the implication being anyone not self-identifed in a network is a baddie...

_______________________

Paul Saffo: thaqnks all for your questions and comments. I've enjoyed the discussion and dapart with some new insights.
Oh, in case anyone wants to see the sandia announcement, go here.

best
-p

_______________________