Israel is preparing to issue biometric IDs

New regulations and orders introduced by the Ministers Committee for Biometric Applications set the ground for a two years biometric IDs issuance trial period. The Ministry of Home Affairs is making final preparations to start issuing the IDs that will contain encoded fingerprints and facial image, and will be stored in a national database. A campaign led by privacy activists against the controversial biometric database has failed to yield a positive result so far.

On December 2009, the Israeli parliament (the 'Knesset') enacted the Biometric Identifiers and Biometric Data Inclusion in Identification Documents and a Database Act (The "Biometric Data Act"). The act is meant to tackle large-scale loss and theft of identification cards and passports, later used by criminals and terrorists.

The Biometric Data Act is far-reaching. Following a two year trial period, every citizen will be compelled to provide two fingerprint samples and a facial photograph, to be digitally stored in a national database and on chips embedded in passports and national IDs (National IDs are mandatory in Israel for citizens over the age of 16). The digital ID will also carry a certified electronic signature to be used as a substitute for regular signatures in execution of transactions.

The biometric database is not made solely to manage the identification of ID and passports applications. It will also serve as a valuable source of information for law enforcement agencies, under the supervision of a new authority that the Ministry of Home Affairs established specifically for that purpose.

The act as a whole and specifically the biometric database, raise significant concerns. Privacy advocates urged the Home Office to re-evaluate the potential grave risks to information security and privacy that the database poses, e.g. the irreversibility of biometric data loss and the public's general mistrust in the government's ability to secure the database. A proposition to transform the data base into a blurred Set-base that will enhance security and privacy was recently offered by Prof. Adi Shamir, a well known cryptographer. The Law Information and Technology Authority (ILITA) backed Prof. Shamir's proposition, however the government eventually rejected it.

The new regulations under the Biometric Data Act include a set of procedures for issuing a biometric ID, taking fingerprints and facial images from applicants, encrypting and securing the data and transferring data between authorities.

A governmental order accompanies the regulations and sets specific rules for the two years trial period. During this period that starts in November 2011, biometric IDs will be issued to Israeli citizens, subject to their written and signed consent. At the end of the trial period, professional auditors will evaluate the extent of the trial's success, under a set of pre-determined parameters and feedback from applicants. Unless the Ministry of Home Affairs decides otherwise in light of the trials results and public debate, the Biometric Data Act will come into full effect at the end of the trial period and all citizens will have to provide their biometric data, which will be included in the IDs and passports, and stored in the national database.

The full wording (in Heberw) of the Biometric Data Act is available here. Press the links for the full wording (in Hebrew) of the new reulations and order.

For further details contact Dan Or-Hof, CIPP, at Pearl Cohen Zedek Latzer.