A bill being considered by the New Hampshire House of Representatives would ban the use of biometric data for either state or privately issued IDs. The legislation would forbid the use of biometric data coupled with IDs as a condition to obtain services from businesses or government agencies. The lone exception to the ban would include employee identification cards.
The bill – HB1409 – would bar private businesses and government agencies from taking biometric data as a means to verify a person’s identity. According to draft legislation, it would include the following forms of biometric data: fingerprints, palm prints, or other measurements of ridge patterns or fingertip characteristics; facial feature patterns; handwritten signature characteristics; speech recognition data; iris recognition data; keystroke dynamics; hand geometry; retinal scans; and DNA/RNA. Infosecurity notes that New Hampshire has previously banned the use of biometric data and RFID in driver’s licenses and license plates.
State Representative Neal Kurk, co-sponsor of the bill, told Infosecurity that biometrics can be useful in certain situations, but he does not think the time has come to implement these systems in New Hampshire without first addressing personal privacy concerns. “Biometrics serves and will increasingly serve important functions in our lives, but at this time for most folks they are new, perhaps a bit strange and, indeed, often frightening”, he said. “Fingerprints, for example, are associated with criminality, and so one may feel that a business or government asking for fingerprints perceives [them] in that light.”
The New Hampshire legislator takes issue with how biometric data will be used by agencies other than those originally slated to collect and employ the data. “Will some biometrics be used to create government- or privately controlled dossiers and databases containing personal information about one that may be used in ways of which [the person] is neither aware nor approves?”
Kurk acknowledges that biometrics can be used for legitimate purposes but is leery of potential biometric information sharing between government agencies, especially in the absence of specific guidelines governing their use in a particular situation. “HB1409 was introduced to provide privacy protection to New Hampshire citizens”, he commented. “As people learn more about the benefits of particular systems in particular applications and are comfortable with any privacy trade-offs involved, I would expect the legislature to amend the statute accordingly.”
Not surprisingly, Walter Hamilton does not believe that the use of biometrics for identification is a violation of personal privacy. Hamilton is the chairman of the International Biometric Industry Association (IBIA), a Washington DC-based trade group that advocates for biometrics in both the private and public sectors. “The technology is privacy neutral”, he told Infosecurity, “it’s the application of the technology that poses privacy concerns to some.”
While Hamilton concedes the ‘criminal-like’ stigma of certain biometric measures, he notes that states have the option to prohibit, via legislation, the sharing of this information with other agencies. He points out that social services agencies in states like Connecticut actively use fingerprints to verify identity, and the state passed a law that prevents distributing this information to other government entities.
“They have not thought through all the unintended consequences of the legislation, all the beneficial aspects of biometric verification,” said Hamilton in reference to HB1409. “They should narrow the focus of the legislation to focus on specific concerns.”