Thursday, 1 April 2004

ICAO session concludes early after finalizing passport and reservation standards

The International Civil Aviation Organization (ICAO) Facilitation Section meeting in Cairo adjourned today, a day earlier than scheduled, after a session with little controversy between the delegates and, it would appear from the early adjournment, little serious debate or discussion on the issues raised by the privacy, civil liberties, and data protection organizations that weren't represented in the delegations.

According to Mr. Denis Gagnon, spokesperson for ICAO at its headquarters in Montréal, "Biometrics on passports have been under study by ICAO since at least 1997." But to the best of Gagnon's knowledge, no privacy or civil liberties organization or agency has ever been consulted by ICAO or invited to attend an ICAO meeting. Nor, so far as Gagnon knows, did any of the government delegations to the just-concluded ICAO session include any representatives of those governments' privacy or data protection authorities.

Gagnon says, probably quite correctly, that ICAO evaluated the RFID and biometric passport requirements, and the proposals for standardization of PNR and "Advanced Passenger Information" (API) data and their sharing with governments, solely on the basis of ICAO's mandate to facilitate "efficiency" and "security".

"ICAO is a technical standards-setting body, and efficiency and security are ICAO's mandate from governments," Gagnon says.

But aside from whether RFID and biometric passports will actually increase anyone's security, there's a larger question: If ICAO's mandate isn't to consider anything other than efficiency and security, who's responsibility is it to consider other factors like civil liberties? Universal tattooing of people with numbers corresponding with those on implanted RFID chips might be efficient and, by some measures, secure, but that doesn't mean that it would be good public policy.

If ICAO considers that its mandate forbids it from considering the implications for civil liberties of its technical standards, what does ICAO think is the proper forum in which those issues should be considered? And who should decide whether, on these and other grounds, ICAO's technical recommendations for efficiency and security shoiuld or should not be adopted as public policy?

"I know what you're getting at, and that's a very interesting question," Gagnon told me. He promised to try to get an answer to that question from ICAO officials at the Cairo meeting, and I'll be interested to hear where they think their critics should turn.

Today's announcement from ICAO of the conclusion of the Cairo session said that it had agreed to recommend that all countries begin including machine-readable digitized photos on passports by 2010 -- a compromise between earlier dates desired by the USA and some European countries seemingly more interested in surveillance, and later dates preferred (to delay the greater cost of producing the new passports) by less wealthy countries.

In a disturbing hint at the potential for abuse of these biometric passports, ICAO say, "This makes possible rapid comparison, either one-to-one with the person and document, or one-to-many using a database to positively identify an individual."

Today's announcement was unclear on what exactly had been agreed regarding the proposals by the USA for standarization of PNR and API data to facilitate government access to passenger information, and didn't mention RFID (which had been proposed as the standard method of storing the digitized facial image and/or otyher biometric identifier) at all. I hope to have more details of the decisions on these issues tomorrow.

Link | Posted by Edward on Thursday, 1 April 2004, 18:55 ( 6:55 PM) | TrackBack (0)
Comments
Post a comment









Save personal info as cookie?