Experts question rush to biometrics

Before government agencies buy into biometrics for security, especially facial recognition, they should resolve the policy and privacy issues, said panelists at a forum Jan. 25 sponsored by the Cato Institute, a Washington think tank.

Since Sept. 11, governments have become obsessed with biometric technologies, said John Woodward Jr., senior policy analyst with Rand Arroyo Center, a nonprofit policy research institute in Santa Monica, Calif.

"Pre-9-11, it was: Why do we really need this technology?" Woodward said. "Post-9-11, the view is: This is mainstream."

Regulations are weak or nonexistent about sharing data obtained through biometrics, he said, and some jurisdictions are already using it haphazardly in public places.

Dorothy Denning, a computer science professor at Georgetown University, said biometrics would simplify the growing volume of passwords and personal identification numbers that users must remember. But, she said, facial recognition ? the biometric technology most favored by law enforcement agencies ? could backfire: for example, on persons in witness protection programs.

The consequences could be "extremely serious for people operating undercover," said Mark Rotenberg, president of the Electronic Privacy Information Center in Washington. Identity theft is the No. 1 white-collar crime, he said, and a criminal need have only a single biometric match to be able to steal someone's identity.

"A very serious inquiry needs to take place," and that doesn't even begin to consider individual privacy rights, Rotenberg said.