Begging to be hacked? (Illustration)
Photo: Index Open

Experts: Biometric database system unsafe

Information security experts warn government's chosen storage method for information included in controversial database lacking

How vulnerable will Israel's future biometric database be? The Ministerial Committee on Biometric Applications' has come under fire Tuesday for refusing to use a highly complex storage and encryption method meant to minimize any infringement on the highly sensitive information.


The Biometric Law's guidelines, which were approved Monday, are meant to enable a pilot program for Israel's future biometric database, but experts believe that the committee's choice of encryption systems – though state-of-the-are – will still leave it vulnerable.


Related stories


The point of dispute is the database's storage and encryption system. The committee debated between two systems:


  • The first – a system suggesting that the information be split within each file, divided into random group and stored on several servers, which would not allow various details to lead to a specific individual in case of a breach. A special encryption key would be necessary to piece together anyone's true identity.
  • The second – all biometric data would be stored along with an individual's regular identification details, as they exist today.


Population and Immigration Authority officials said that only a handful of people within the Biometric Administration would have access to the database, which would be under the Interior Ministry's control.


The Justice, Treasury, Homeland Security and Interior ministries, as well as the police, voiced their support for the second, simpler option; saying the first was "too complex and may impair the work of bodies in need of the information."


Minister Michael Eitan, however, scathingly criticized the choice, saying the committee's decision to ignore the recommendations of top information security experts, "Makes the pilot program into an experiment which hyperbolically endangers the citizens' right to privacy."


Prof. Eli Biham of the Computer Science Department at the Israeli Institute of Technology told Yedioth Ahronoth that the system chosen virtually begs an infringement on privacy: "Anyone who knows Israel knows that eventually, any private investigator with good connection in the police department would be able to access the database.


"Obscuring the information could stop this kind of anarchy," he said.


The Association for Civil Rights in Israel said that "The government has decided to construct its database in a perilous manner… It is clear even now that this database will grossly infringe on Israeli citizens' rights."


The Ministerial Committee on Biometric Applications' recommendations are now pending the approval of a joint Knesset Constitution, Law and Justice and Science and Technology subcommittee.



פרסום ראשון: 05.17.11, 15:06
 new comment
This will delete your current comment