Privacy took another hit this week

With the introduction of obligatory finger prints in Dutch passports this week, privacy has taken another hit. When applying for a new passport (or identity card), it will be mandatory to provide four finger prints. Two of these will end up in the RFID chip in the travel document. This is due to EU legislation and will be implemented in all European countries.

As an added bonus, all Dutch finger prints will be stored in a central database, accessible by the Police. Scary, considering that the Netherlands has 12 times as much telephone taps on its inhabitants compared to the United States. It has to be noted that the EU legislation does not require this at all!

For a few years now, I have been refusing the enter the United States. Main reason: you are mandated to supply all 10 finger prints at the border. You can easily choose to not enter the US anymore. When your own country starts implemented such unnecessary rules, it becomes much harder. Adults are required to carry ID. You need an ID for getting a job, a house, an Internet connection, almost everything you need in life.

Many people will say: “Who cares? You have nothing to hide, do you?”. Sure you do, I don’t know much people who would write their credit card credentials on their front door, for everybody to read. But this is not the point, it gets scary once the data collected will be used against you. Fraud with finger prints is absolutely not unheard of, the CCC already researched this in 2004. Identity theft will become much easier, since finger prints are stored in the RFID it is easily read out wirelessly. These can then subsequently be faked. People usually try to find a balance between privacy and safety for these kind of things. Since many highly value safety, they have no problem to turn in some of their privacy. The problem with finger prints is that it provides absolutely no safety at all.

An interesting remark I found on this was about access verification based on finger prints. Now that you have to carry your ID with you, with the finger prints on the RFID, you basically always carry your “password” with you. Free to read out from 5 to 100 meters. We can be pretty sure the encryption scheme for passports will be hacked, if it has not been hacked already.

Fortunately, I got a new identity card for travel in Europe last Summer, so I should be “safe” for another 4.7 years…