Cory Doctorow: SA’s biometric ID cards are really bad idea
The new South African ID cards are like passports that are issued at birth: they’re a really bad idea. That’s not just us saying that. It’s the opinion of sci-fi writer, BoingBoing editor and activist Cory Doctorow who has been in Johannesburg this morning at the iWeek conference, presenting on the subject of ‘You can’t fix society by breaking the Internet’.
“The problem with biometric security is that biometrics leak… your finger prints are all over this conference room, and so are mine.” Doctorow said, “That makes them bad authentication tokens as they’re easy to obtain and impossible to revoke.”
The ID cards, which will be accompanied with a new citizen’s register that centralises information about South Africans, were broadly welcomed as a solution to crime and fraud, and few raised objections on the grounds of privacy. Indeed, President Jacob Zuma went as far as to say:
The pass laws dictated where people should live, where they should work, where their children could go to school, based on the colour of their skin. Carrying a pass then was an insult and an affront to the dignity of our people… The new ID smart card has biometric and other features that for the first time will enable individuals to prove their unique identity with 100% certainty. This will prevent many forms of fraud and will enable government and business to deliver services that are more secure, efficient and accessible.
Neatly equating the new ID cards with the freedom of modern South Africa compared to the state control via the use of ID documents of the past. In some quarters, that speech might be viewed as a perfect example of Orwellian double speak, given that a single token linked to a state-run database that’s may end up getting scanned at every parking lot of mobile phone store is a great tool for surveillance of one’s own citizens.
Doctorow pointed out that he wasn’t surprised at the lack of objection from the general public.
“Surveying the general public about privacy is a bad idea. It’s like asking people who haven’t been mugged about mugging. How do you get people to understand that when you build out a system that makes authoritarianism possible [it will be abused].”
Talking about the recent revelations that the US spy agency, the NSA, has compromised important encryption techniques and invaded privacy on a global scale in the name of security, he pointed out that South Africans should be more sensitive than most to the dangers of an authoritarian state which uses technology to spy on its citizens.
The fiercest campaigners for privacy laws in the EU are those from ex-communist states like East Germany (GDR), because the totalitarian state existed within living memory.
Personal freedom and privacy is “the next phase of the DRM wars,” Doctorow said, referencing his own history of activism against software that “puts a mote in the eye of the computer”. Evangelising on behalf of open source development, he pointed out that agencies like the NSA not only introduce network flaws that can be exploited by criminals, they actively prevent zero day exploits being fixed by encouraging those who discover them to sell the secrets to government rather than volunteer it to the vendor in expectation of a fix.
On the use of the internet in Africa, Doctorow focussing on the use of technology to solve social problems on the continent. He presented the case for Free and Open Source software over proprietary software and computers that are “crippled”.
New African entrepreneurs should avoid getting locked in to proprietary software, he said, in order to get the real value from the code.
“One of the things we’ve learned from the Ubuntu movement,” Doctorow says, “Is thaa the developing world has a need for tech… [with open source software] people can make made in Africa solutions to made in Africa problems.”
We’ll be uploading a video of the whole event shortly.