Tuesday, September 9, 2003

I don't usually talk about work here. Neither do I have often the inclination, or the energy, to spill that world into this arena, nor do I think you would be particularily interested in what I'm dealing with on a daily basis.

However...

I thought I'd make an exception today. Just to give you an insight into my day. Or to bore the hell out of you. You decide.

I was asked this morning about my opinion of the use of biometrics – in a cafèteria. Biometrics is a technical way to identify people by their physical characteristics. Like the shape of their face. Patterns in their retinas. Or their fingerprints. That is, incidentally, the type of biometric technology which is being used in this case: To pay for his or her food, a customer presses his thumb on a sensor, which is connected to a computer, which in turn recognizes said thumb and debits the customer's account with the cafèteria.

So what makes this interesting? Well, the cafèteria is in a school, and the customers are children.

As I see it, we have a few, rather distinct issues to deal with here:
  • Firstly, there is the issue of consent. Consent is required from a kid's parents, and himself or herself, prior to the scanning of his or her fingerprints. Supposedly, the technology and uses for the data are explained to the parents/kids in advance. Ergo: This does not appear to be a real problem.
  • Secondly, there is the real concern for misuse. What if the cops want the cafèteria's fingerprint database? Now, here the devil really proves to be in the details. You see, "fingerprints" are not the same as "fingerprints". Although police authorities do use fingerprints, extensively, to identify people, they need actual fingerprints for that purpose. Or at least a fairly good representation of fingerprints. In some form. The "fingerprint" system at the school, on the other hand, does not actually record the fingerprints. It merely uses a limited number of reference points in the print to distinguish it comfortably from other customers of the cafèteria. (are you bored yet?) This data is not complete enough to give a definite representation of the fingerprint in question, and is therefore not of practical value to police authorites. So proliferation does not seem to be a real problem here. Actually, you might even ask what the problem is with the police getting such access, since you shouldn't have anything to hide, etc. But that's another debate all together.
  • Thirdly, it could be suggested that the biometrics-for-donuts is an overkill. More fundamentally, perhaps there is something objectionable to the spread of technology, previously reserved for 'serious' applications, like fingerprinting police arrestees, into more benign fields of application, like retail shopping? Technology is, however, bound to find new applications al the time, as prices drop and methods evolve. So maybe we really haven't got anything here either?
  • Finally, and here we might be getting to the core of the matter, is the question of culture and upbringing. Is it OK for us to bring our kids up in the belief that they should be 'fingerprinted' for something as unimportant as buying a glass of milk? Should we be imprinting into our young a healthy vigilance when it comes to their civil rights? Or, on the other hand, would we perhaps fair better if the next generation, the one that understands technology much better then we do anyway, and is therefore not afraid of it, is brought up without 'irrational' emphasis on privacy? We do live in a post-9/11 world, don't we?

Just another day at the farm...