xcbf message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: [xcbf] [Fwd: [xcbf-comment] XCBF 1.0 Has Confused Security WithPrivacy]
- From: "Phillip H. Griffin" <phil.griffin@asn-1.com>
- To: "[OASIS XCBF]" <xcbf@lists.oasis-open.org>
- Date: Fri, 28 Feb 2003 21:28:46 -0500
This message from a member of EPIC was sent to the XCBF public
comment list. I wanted to make sure that all of the XCBF members
had seen this comment.
Phil
-------- Original Message --------
The Electronic Information Privacy Center (EPIC)*, a public interest research
center that has extensive expertise in privacy, submits the following comments
on the OASIS XML Common Biometric Format (XCBF) 1.0 Committee Specification.
In submitting our comments, EPIC understands
that biometrics entail automated methods of recognizing persons based on
physiological or behavioral characteristics; that biometrics are used to
recognize the identity of an individual or to verify a claimed identity;
that XCBF offers a standard XML schema for biometrics, which describes information
that verifies identity based on human characteristics including fingerprints,
iris scans, hand geometry, and DNA; and that these XML encodings are based
on the ASN.1 schema defined in ANSI X9.84:2003 Biometric Information Management
and Security (and therefore respect the X9.96 XML Cryptographic Message
Syntax security requirements).
The XCBF 1.0 specification -- while it may respect security standards
-- cannot be fairly or accurately described as respecting or achieving privacy.
Technologies or protocols that respect privacy assist in minimizing or eliminating
the collection of personally identifiable information. For example, anonymous
remailers allow users to anonymously send emails and post to newsgroups,
by not log incoming and outgoing traffic information and stripping email
headers of personally identifiable information. As another example, digital
tickets authorize the ticket-holder to perform some action without collecting
or transferring personally identifiable information of the ticket-holder.
By contrast, techniques that enable the collection of personally identifiable
information in the absence of enforceable legal rights or technical safeguards
necessarily create a new risk that personal information will be misused.
Security is not tantamount to privacy. Technologies that respect security
may prevent unauthorized parties from gaining access to protected data --
and XCBF 1.0 seems to achieve this goal -- but such standards say nothing
about the how the information will be used or whether authorized parties
will use information in a way that is detrimental to the interests of the
data subject.
Because standardization of biometric data in machine-readable format makes
massive and efficient automated data aggregation techniques much simpler,
more careful consideration and actual deliberation of privacy safeguards
is crucial. None of this is reflected in the current proposal.
We recommend that the specification be changed to
acknowledge that XCBF 1.0 does not respect privacy, and recommend further
research into implementing privacy safeguards within the protocol.
Sincerely,
Marc Rotenberg, Executive Director
Ruchika Agrawal, IPIOP Science Policy Fellow
EPIC
*EPIC is a public interest research center in Washington, D.C. that has extensive
expertise in privacy. It was established in 1994 to focus public attention
on emerging civil liberties issues and to protect privacy, the First Amendment,
and constitutional values. Since its founding, EPIC has participated in
extensive agency comment, litigation, and public education to promote privacy
and civil liberties.
For more in depth discussions on technologies or protocols that respect
privacy, see:
Anonymizer.com; http://www.anonymizer.com/
(visited on October 22, 2002).
Stefan Brands; "A Technical Overview of Digital Credentials"; February 20,
2002; http://citeseer.nj.nec.com/brands02technical.html.
Stefan A.Brands; �Untraceable Off-line Cash in Wallets with Observers�;
Advances in Cryptography-CRYPTO �93; Springer-Verlag; 1994; p.302-318.
Herbert Burkert; �Privacy-Enhancing Technologies: Typology, Critique, Vision�;
Technology and Privacy: The New Landscape edited by Philip Agre and
Marc Rotenberg; The MIT Press (Cambridge, 1997).
David Chaum; �Achieving Electronic Privacy�; Scientific American,
August 1992; p. 96-101; http://ntrg.cs.tcd.ie/mepeirce/Project/Chaum/sciam.html.
David Chaum; "Prepaid Smart Card Techniques: A Brief Introduction and Comparison";
Digicash; 1994; http://ntrg.cs.tcd.ie/mepeirce/Project/Chaum/cardcom.html.
Roger Clarke; �Roger Clarke's PITs and PETs Resources Site�; http://www.anu.edu.au/people/Roger.Clarke/DV/PITsPETsRes.html#Orig
(visited on October 21, 2002).
Whitfield Diffie and Martin E. Hellman; �New Directions in Cryptography�;
IEEE Transactioins on Information Theory; IT-22(6); November 1976.
Roger Dingledine, Michael J. Freedman, David Molnar; "The Free Haven Project:
Distributed Anonymous Storage Service"; December 17, 2000; http://citeseer.nj.nec.com/543510.html.
Simson Garfinkel; PGP: Pretty Good Privacy; O�Reilly & Associates,
Inc. (Sebastopol, 1995).
Simson Garfinkel with Gene Spafford; Web Security, Privacy & Commerce;
O�Reilly & Associates, Inc. (Beijing, 2002); Second Edition; p. 262-283.
Simson L. Garfinkel and Abhi Shelat; �Remembrance of Data Passed: A Study
of Disk Sanitization Practices�; IEEE Security & Privacy; January/February
2003.
"Privacy-Enhancing Technologies: The Path to Anonymity"; Volume 1; Joint
report by the Dutch Data Protection Authority (RGK) and the Information and
Privacy Commissioner for the Province of Ontario, Canada (IPC); August 1995.
Marc Rotenberg, Director of Electronic Privacy Information Center; Hearing
on S. 809, The Online Privacy Protection Act of 1999, Before the Subcommittee
on Communications Committee on Commerce, Science and Transportation, U.S.
Senate; July 27, 1999; www.epic.org/privacy/internet/EPIC_testimony_799.pdf.
Marc Rotenberg, Director of Electronic Privacy Information Center; �Privacy
in the Commercial World�; Before the Committee on Energy and Commerce, U.S.
House of Representatives, March 1, 2001; http://energycommerce.house.gov/107/hearings/03012001Hearing43/Rotenberg68.htm.
Marc Rotenberg; �A Way Forward for Data Protection: Privacy Enhancing Technology�;
the PARLIAMENT Magazine; September 30, 2002.
Marc Rotenberg, Privacy Law Sourcebook: United States Law, International
Law, and Recent Developments (EPIC 2002).
Bruce Schneier; Applied Cryptography; John Wiley & Sons, Inc.
(New York, 1996); p. 126-127, p. 220-222, and generally.
Daniel J. Solove and Marc Rotenber; Information Privacy Law; Aspen
Publishers (New York, 2003; p. 27-33 and generally.
Peter Wayner; Translucent Databases; Flyzone Press (Baltimore, 2002);
p.13, p. 129-131, and generally.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC