Credit card hackers prove no database is safe • Minister of Improvement of Government Services Michael Eitan opposes nationwide biometric database • Labor party leader Shelly Yachimovich says protection of our privacy is severely lax.
Zeev Klein, Ilan Gattegno, Hezi Sternlicht and Mati Tuchfeld
This week's alarming credit card hacking incident has the government concerned that a nationwide biometric database that includes personal information on Israeli citizens may also come under cyber-attack in the future.
Israel's biometric database was created as the result of a bill passed in the Knesset in 2009, despite opposition from privacy rights groups. The purpose of the database is to help identify citizens during a large-scale disaster, aid in the identification of criminals and crime scene investigations and as a tool to combat terrorism.
According to the law, citizen identification cards are to include fingerprints and a digital photo of the person's face. These details will enable the person to receive a "biometric passport," which in turn will help police in their border control activities.
Interior ministry officials, soldiers and law enforcement personnel will be able to compare biometric data in identification cards or travel documents with biometric data obtained from the person in question.
The law stipulates that the encrypted nationwide biometric database would not include any information that could help hackers identify the owners of individual biometric data, and every transaction with the database would be documented. In addition, police and other security officials will be able to extract data from the files only if they possess a legal warrant to do so, and the punishment for unlawful access of the database will be up to seven years in prison.
Until Oct. 31, 2013, citizens can voluntarily join the database. After that date, however, all Israeli citizens will be obligated to enter their fingerprints and a digital facial photo into the database.
With the date for obligatory submission of biometric data drawing near, and as more cases of information hacking from public platforms emerge, government officials and members of Knesset are debating the usage of Israel's biometric database.
Labor party leader MK Shelly Yachimovich opposes the biometric database, fearing that Israel's enemies may access the information just like the alleged Saudi hackers who recently accessed and leaked onto the Internet thousands of Israelis' credit card information - including Yachimovich's own.
The Labor chair - who refers to the biometric data law as the "dark law," said following the hacking incident Tuesday that "like many other Israelis, I felt more than ever that the protection of our privacy is extremely lax."
"The worst problem is not the hacked credit card database but rather the government's establishment of a biometric database – an undemocratic database – that will create an enormous pool of fingerprints, facial photos, and countless other personal details on innocent citizens. It has become decidedly clear that the promises of information security are absurd and that every database is destined to be hacked. The government must urgently learn this lesson and permanently shelve the project, which endangers the safety and privacy of the country's citizens. The intimate information in the database has every possibility of being leaked to hostile or criminal groups, or even to people who would simply use the information for their own greed."
Improvement of Government Services Minister Michael Eitan is also opposed to the biometric database. "The credit card numbers that were hacked can be replaced, but what will we do when the biometric database gets hacked? Can we replace the faces of Israeli citizens? Can we burn new fingerprints onto our citizens?" Eitan said.
MK Ronit Tirosh (Kadima), who chairs the Knesset Science and Technology Committee said, "The hacking of Israeli Internet pages is the beginning of a cyber war, which aims to paralyze infrastructures that are vital to the State of Israel - including electricity, water and communications. Authorities dealing with cyber affairs must take action immediately."
MK Dov Khenin (Hadash), a member of the Internal Affairs and Environment Committee, issued an urgent letter to Interior Minister Eli Yishai, urging him to oppose the biometric database. "This hacking of credit card information should serve as a warning on the dangers of the biometric database," he wrote.
Attorney Dan Chai - an expert in privacy laws and the laws of Internet and technology - who authored the book "The Protection of Privacy in Israel" - said on Tuesday that ""The credit card affair is yet another warning signal, one of many we've witnessed in recent months. Just as weapons companies, the Pentagon and our own census bureau were recently hacked, so will the dozens of databases the government plans to establish, especially the biometric database."
There are, however, voices who support the establishment of a biometric database in Israel. Attorney Ohad Maimon of Prof. Yuval Levi's law office - which specializes in legal matters of privacy and databases - said that "the attempt to associate the biometric database with the credit card hacking may mislead and frighten the public unnecessarily. The comparison between leaked information from unprotected Internet sites and the level of security planned for the biometric database is like comparing a high school soccer team to a championship-winning professional team."
Meanwhile, the Prime Minister's Office explained Tuesday that the credit card hacking incident was not handled by the special department tasked with combating cyber warfare because it was classified as an attack on the business sector and not an "Internet terror attack that could undermine essential systems in Israel."
No comments:
Post a Comment