Everyone has fingerprints!

The BBC has a grim tale of a family with a genetic mutation which means they have no fingerprints. It details the issues they have getting official ID.

In 2010, fingerprints became mandatory for passports and driver's licences. After several attempts, Amal was able to obtain a passport by showing a certificate from a medical board. He has never used it though, partly because he fears the problems he may face at the airport. And though riding a motorbike is essential to his farming work, he has never obtained a driving licence. "I paid the fee, passed the exam, but they did not issue a licence because I couldn't provide fingerprint," he said. The family with no fingerprints

Even if this genetic issue didn't exist, it should be obvious that not everyone has fingers, or hands. Some people are born without hands, some people lose them later in life.

Policy is about the edge-cases. It's easy to design something which works for the majority of people - the real challenge is how we deal with the fringes.

Everyone has a unique face / unique DNA

Ever heard of twins, dumbass?

OK, it is a little bit more complicated than that.

It is easy to revoke a biometric indicator

Even if you assumed that everyone has ten fingers - that means you can only change your ID 9 times. If you're using iris recognition, that's one change you're permitted before you have to grow new eyeballs.

Biometrics can't be copied

Back in 2002, Tsutomu Matsumoto copied fingerprints using Gummy Bears.

Researchers can consistently fool iris scanners

3D printed facemasks can defeat facial recognition systems.

The thing about biometrics is that they are not secret. You leave your fingerprints everywhere. If a camera can read your face, it can copy your details.

Biometrics can't be changed

Will having a "nose job" stop your iPhone from recognising you? Probably not. But there are a range of surgical procedures which can be done.

People who have Facial Feminisation Surgery can be given a letter from a doctor to explain to border guards why a person's face may no longer match their biometrics.

What are they good for?

Biometrics are not passwords. Nor are they a universal 2nd factor. Biometrics are, at best, usernames.

For the average user, it's probably fine to use your fingerprint or face to unlock your phone. If you think an enemy state is going to devote considerable resources to steal copies of your biometrics, consider changing to a different password mechanism.

Or, if you have kids.

Pushkar

@Pushkarr

Friend's 5-year old daughter started unlocking his phone with his fingerprint while he's asleep so that she can play games.

He now sleeps with gloves on. #lifeisblackmirror

---

Or if you're cheating on your spouse.

A Qatar Airways pilot was forced to make an emergency landing after a passenger found out her husband was cheating on her and had a violent reaction in midair. The woman reportedly used her sleeping husband's finger to unlock his phone and discovered his cheating ways. Eyewitness News

In a safe-ish environment, biometrics are a good convenience mechanism. If your phone is snatched by an opportunistic thief, they're unlikely to have the means to spoof your ID.

But they are not a perfect security measure.

‘Understanding how the zeros and ones increasingly influence and control our lives is critical to understanding how we can reciprocate influence and control back onto those zeros and ones.’ This vital book is a call to action: to reduce online harm, to protect the integrity of our digital lives and to uphold democratic participation and inclusion. A diverse group of contributors reveal the hidden impacts of technology on society and on individuals, exploring policy change and personal action to keep the internet a force for good. These voices arrive at a crucial juncture in our relationship to fast-evolving technologies.

Possibly the most important and timely book I've read about the state of Digital Policy. Written in the aftermath of the horrific fascist/terrorist attacks on New Zealand - and in the early stages of the COVID-19 crisis - this book examines some of the knotty problems facing Aotearoa.

This is not a parochial, inward facing text. All the problems it identifies are applicable worldwide. It presents a compelling case on how we should construct digital policy as we emerge from the shadow of COVID.

The section on Indigenous People's data rights, and the colonialism present in the current infrastructure, has lots of Te Reo (Māori language) phrases. That can be a bit intimidating for a newcomer - but it's nothing that a few minutes with a decent dictionary can't fix.

There were two particularly interesting questions that I was left with.

1. What's the carbon footprint of, say, GOV.UK? Do we make enough use of renewable energy? Can we schedule computationally heavy tasks for times when green energy is at its peak?
2. How do we make the language we use more inclusive? We need to take people on a journey, and if they can't understand our acronyms and jargon, we lose them.

The book is available DRM free from https://www.bwb.co.nz/