Computers, Privacy & the Constitution

The Iraqi biometric identification program and its relevance to privacy rights in the U.S.

-- MadhuPocha - 13 May 2008

Last year news organizations reported on the U.S. military’s quietly growing efforts to build a biometric database for all Iraqis. Using handheld scanners and laptops, U.S. troops first began collecting personal information, such as fingerprints and iris scans, in areas where insurgent attacks had recently occurred. However, the military’s data-collection efforts rapidly expanded beyond insurgent areas in Anbar province and now include Baghdad. And the information can already be cross-checked against Saddam’s old Ba’athist biometric databases. Possibly hundreds of thousands of Iraqis have now “voluntarily” agreed to give their personal information in return for ID cards that must be presented in order to enter particular neighborhoods and even markets.

Human rights groups quickly attacked the program for its infringement of privacy rights and its potential for future misuse. Human Rights Watch's response was typical of those that directly addressed the issue. In a letter to Defense Secretary Robert Gates, HRW argued that the biometric identification program contravened international treaties and increased the future risk of sectarian and ethnic violence. Like other groups upset by the military’s actions, HRW recited the usual sources of international privacy protections, like article 12 of the Universal Declaration of Human Rights and article 17 of the International Covenant on Civil and Political Rights, both of which recognize privacy as a fundamental human right (the U.S. supported the adoption of the former and both the U.S. and Iraq ratified the latter).

What is interesting about the biometric program is not that it elicited criticism. After all, even the military has acknowledged the risks. Lt. Col. John Velliquette, one of the military’s biometrics managers in Iraq, admitted that the database could become a “hit list” in the wrong hands. And the Pentagon’s Defense Science Board noted in a 2007 report that biometric systems raise privacy concerns.

Rather, I was struck by how the Iraqi biometric program reflects on the state of privacy rights in the U.S. and how the treatment of those rights at home and abroad is connected. First, I am surprised that anyone would be surprised at all by these disclosures. The invasion and occupation of Iraq has been shrouded in lies and deceptions from the very beginning. And the decision itself to project our power abroad in this way―through war―makes the existence of a biometric identification program a predictable development in the effort to use all means available to kill our “enemies” and protect our empire.

Second, this particular exercise of power abroad is an extension of what the current administration has done at home. It is not surprising that a government that wishes to subject its own citizens to Total Information Awareness, warrantless wiretapping, or the Real ID Act might try to similarly infringe the privacy rights of an occupied people who are presumably beyond the reach of the Constitution. This is one reason why HRW’s letter caught my attention. The recitation of general privacy rights, as embodied in various international treaties, struck me as an inadequate response to a government that is willing to push and break the limits of even its own laws.

At this point, we can only protect the privacy interests of Iraqis by pushing for the sort of political leadership that would also recognize the value of privacy rights domestically. A new administration will enter the White House next year and that brings the prospect of change. But we cannot rely on that alone. As I wrote in my first paper, we must push for new legislation; however, unlike the position advocated by Robert Glunt, I believe we must also pursue constitutional remedies even if legislative ones are much more feasible in the short term. The federal courts continue to provide an opportunity for securing the recognition of constitutional principles that can withstand the wavering commitments of the political branches. In this way, a two-pronged approach that focuses on securing judicial recognition of fundamental privacy rights, in addition to comprehensive privacy legislation, may offer a better chance at advancing normative privacy values and implementing practical privacy protections that actually have staying power.

Further, we must make a concerted effort to raise public awareness of the dangers of any legislative reforms that permit the government to continue to violate individual privacy rights through “consent.” Few have questioned the “voluntary” nature of the U.S. military’s biometric efforts. Although I do no doubt that most Iraqis are asked for their permission before submitting to fingerprints and iris scans, the circumstances make this a highly coercive situation. Armed U.S. troops come to your door and ask you for your permission to collect information that they claim will be used to find insurgents and other “bad” men―it is hard to imagine that many people would say no, even those who are concerned about protecting their privacy. The idea that informed consent can actually exist in this context is thus dubious. But even assuming that it can and that people are willing to exchange their privacy for the hope of safety (as Fayath Abas of Fallujah was apparently willing to do because “[w]e can find out who is bad and who is good”), consent alone does not make a wrong a right.

The Iraqi biometric program again illustrates how our government’s treatment of privacy rights abroad is linked to its behavior at home. While the dangers faced by Iraqis are obviously greater, the current administration has tried to use the threat of terrorism to strong arm consent from Americans as well. But informed consent cannot remedy privacy infringements that are unconstitutional, and the unconstitutional conditions doctrine ensures that the government cannot condition benefits or the exercise of basic rights on consent to unconstitutional conduct. We may not yet be at the point where we can confidently assert, for example, that the government’s warrantless use of personal data mined by private companies is unconstitutional or illegal, but I believe we must remain vigilant to the threat posed by “consent” even as we pursue legislative and judicial remedies.

993 words


Webs Webs

r3 - 23 Jan 2009 - 15:58:54 - IanSullivan
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM