Fingerprinting annoyance

Black Unicorn unicorn at schloss.li
Tue May 14 16:30:57 PDT 1996


On Mon, 13 May 1996, Timothy C. May wrote:

> At 6:26 PM 5/13/96, Mark O. Aldrich wrote:
> >On Mon, 13 May 1996, Senator Exon wrote:
> >
> ><snip>
> >> i can fill out and manipulate the card myself i just need a
> >> working method.
> >> is there no privacy advocate who can help me?
> >>
> >
> >I think most privacy advocates would advise, "Refuse to submit."  It
> >sounds like you're looking for more of a hack on the fingerprinting process.
> 
> And if you are working for me, and I ask for a fingerprint, and you refuse
> or "smear" the results (repeatedly, as the first smearing I may just take
> as your token protest and have you printed again), you'll be out the door
> by the end of the day.

On the other hand, if more subtle doctoring escapes your notice....

> (Personally, I've never worked for a company which demands fingerprints,
> but I've worked for companies which demanded ID badges and signatures, and
> these are effectively as intrusive. And I suspect that my former employers
> are now using thumbprints, and maybe full prints.)

I disagree.  ID badges and signatures are identification surely, but the
manner and process by which fingerprints are collected and used is
certainly more intrusive.  There is no, for example, national database of
signatures or corporate ID cards.
 
> Trying to convince a company that photo ID badges and fingerprints are Bad
> Things is perhaps admirable, just realize that in a free society that
> employer is under no obligation to hire someone who refuses to go along
> with the company's security policies. (This relates to the "civil rights"
> thread.)

Which is why clandestine methods are more effective.

Sure, the employer can fire you if they find you out, but they have to
find you out first.

This is why "in your face"ers like Mr. Bell and others tend to fail in
their efforts.  They take the wrecking ball approach rather than run
around the stone in the river.

> >of like a key certificate.  If you really can dork the card, have ten
> >different people volunteer one print each.  There's no way that they'll
> >ever be able to use that as evidence in a court or for any other purpose,
> >either.
> 
> A stupid idea. As the employer, I wouldn't have to prove it a court of
> law...suspicion alone that some of my employees were fucking up a security
> system might be enough for me to either a. promote them to the Tiger Team,
> or b. fire their asses.

I think the concept was that it should be done in a way so as to reduce
attention.  10 dead men's prints (provided none were fugitives) might be
an interesting way to go about it.  Certainly less obvious than smearing.

> (I just can't understand where this pervasive meme is coming from here on
> this list, the notion that employers are severely limited in what they can
> do to employees unless they can "prove it in court. Like it or not, most
> employees in the United States are still employed "at will," and are not
> covered by employment contracts such as some executives and the like get.)
> 
> >If you're forced to do this in person with a tech, you can continuously
> >"fight" the grip they have on your hand and smudge the card.  However,
> 
> Sure. It makes it easy for the employer to simply say "Next candidate."

Seems to me that the issue here is not getting fired, but what the
collected identification information will be used for in future.  I
consider spoofing prints and other biometric type information legitimate
if the motive is to avoid later identification for purposes not related to
the employment for which identification was required.

All this "suck it up and get printed" talk has me somewhat disconcerted
with the list.  Have many here not consistantly indicated that privacy is
something that must be self assured?

Isn't this the list that is so paranoid about what might be done with
escrowed keys?  Who might bribe the keepers into releasing such
information?  What might it be used for?  What about corporations selling
information about employees?

How are fingerprints any easier?

One can thing of countless examples in history (carefully avoiding
Godwin's Law in the process) where once legitimate record keeping and
registration was perverted for illicit, even evil use.

I think that unless proper means are taken to safeguard information,
social security number, license plates, and fingerprint records included,
that the individual is perfectly within rights to take his or her own
safeguarding initiatives.

Where those methods are not intended to simply evade prosecution, but
rather to foil extreme recordkeeping, I believe them legitimate.

> --Tim May

---
My preferred and soon to be permanent e-mail address:unicorn at schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information
Opp. Counsel: For all your expert testimony needs: jimbell at pacifier.com







More information about the cypherpunks-legacy mailing list