Privacy activists fume over secret Israeli biometric database

“A database that has been created unlawfully should be deleted immediately, and those responsible for its creation should be prosecuted,” said a privacy advocate.

By Lauren Marcus, World Israel News

Israel’s Population and Immigration Authority is seeking to retroactively legalize a secret biometric database that was illegally compiled, Hebrew-language media reported.

Calcalist obtained a report from the executive director of the Identity and Biometric Applications Unit in the Israel National Cyber Directorate, which was sent to Interior Minister Ayelet Shaked.

The report found that the Interior Ministry had unintentionally formed a biometric database. At first, the ministry stored low-quality facial photographs of Israeli citizens, such as those used on their identification cards and driving licenses.

In recent years, Israel has rolled out smart IDs and passports, meaning that the government has obtained high-quality photos that are considered acceptable for biometric facial identification.

Those photos are stored in the National Biometric Database, which is subject to strict regulations and stringent security policies.

Over the last few months, however, facial recognition technology has progressed to a degree that even the Interior Ministry’s low-quality photos can be biometrically confirmed. The ministry’s systems are not protected by security features that are standard for biometric data of this nature.

After learning of the issue, the ministry admitted that it had made a mistake and suggested that legislation be passed that would enable it to continue storing the photos without needing to comply with biometric-level privacy and security guidelines.

But the move to retroactively legalize the database, rather than destroy it, has sparked ire among Israeli privacy rights activists.

“[Over] the past 12 years, the government has built walls of a transparent prison around us. A biometric database, phone triangulation, driver’s license database…a License Plate Recognition system, and now also the Population Authority’s database,” Nir Hirshman, head of the Digital Rights Movement, said to Calcalist.

“We all saw how easy it is to degenerate into a dictatorship…the new government [must]…put us back on a liberal democratic path. Enough with surveillance, enough with the destruction of privacy. If there is a database that has been created unlawfully, it should be deleted immediately and those responsible for its creation should be prosecuted.

“Any such database is a potentially dirty bomb, which could leak into the hands of hostile elements or be used by the enemies of democracy.”