Ybor City's face recognition cameras claim their first innocent v ictim.

Thu Aug 9 11:22:56 PDT 2001

pz wrote:

> Why isn't automated video surveillance considered biometric?  Isn't the
> point of biometric identification to reduce
> personally-identifiable features
> into a code which can be easily stored and referenced
> computationally?  And
> if so, this video surveillance system, with its automated face recognition
> software, should be considered a form of biometric
> identification.

It is biometric.

> Further,
> if the category "personal information" isn't just about medical history,
> financial records, etc., shouldn't it include photographs and video and
> voice?

It should. Realize the IBIA has been very responsible, in comparison to
other industries. They had some problems with the CA bill, but left a lot of
the safeguards. The industry wants to see safeguards - but yes, they serve
their own interests.

Go look at the IBIA membership - where are the privacy advocate positions?
They do have some noted advisors. They offer a membership for end-users but
it is more expensive than one of their lower-tier vendors. I see the reasons
for it, common in many industry associations. However, I wish more of them
(specifically, the IBIA and the SIA - Security Industry Association) would
establish formal advisory relationships with privacy advocacy groups.

I advocate a *new* privacy advocacy group for security-privacy and
surveillance.

> Obviously the IBIA demonstrating naivety when it says
> biometrics are
> simply "electronic code" and not personal information.

:)

> (which reminds me of a speaker at biotech 2001 who advocated the
> sharing of
> all mri and xray images to futher research into computational
> biology -- as
> for privacy "we'll figure it out later".)

That's a big medical privacy issue. Interesting cases on that.

First Monday just had an interesting paper on blind research
infomediaries...I was trying to turn it into something we had talked about
privately...go over there an look....didn't look like it would work.

> The rest of the privacy policies of the IBIA
> (http://www.ibia.org/privacy.htm) are horribly off the mark as well.  What
> about the concept of individual rights to provide/not provide data; insure
> that the $7/hour rent-a-cop is monitored to make sure he isn't using data
> illegally; insure data won't be used in applications/research not already
> agreed-to in advance by the individual; individual right to not have
> biometric information collected in the first place or even opt out of
> existing databases, etc. etc.?

Ah, fair information code of practice - yes, indeed. However,
security-privacy is a unique juncture. I argue that they should incorporate
more of these standards. I don't like their principles approach. Show me
exemplar guidelines that are comprehensive in nature. Show me a
accountability.

HYPO:

-deleted as to too sensitive and cypherpunk-provoking-

Sent to you privately.

HYPO:

Are we moving to a biometric crypto-passphrase? Good/bad? Why?

HYPO:

No hypo, but I just heard something about ANONYMOUS biometric digital cash.
How the hell do you do that?

~Aimee