It was just one brief sentence in a wide-ranging throne speech, but it’s cause enough for some healthy concern. The Government of Canada has once again promised to take a look at issuing a biometric-enabled passport for “every Canadian.”
It’s not the first time the Government has stated interest in taking this Big Brother-style move. The U.S. has been pressuring Canada to boost its security check procedures at border crossings, and sees biometric information as a good way to go about it. Thanks to that line of thinking, we currently have an Enhanced Driver’s Licence available in Canada that almost no one is using. Ontario’s Privacy Commissioner wants an off-switch for the RFID chip on this card, and Saskatchewan scrapped the licences entirely while citing privacy concerns.
It’s true that attaching biometric information to a passport could potentially boost security means and even be a convenient time-saver to frequent travelers. But there’s also a huge risk to personal information leaks as a result of corruption or abuse of the system by unauthorized actors. The Government must exercise an abundance of caution in designing a biometric-enabled passport.
About a year ago now, I was shown how poor the security in U.K.-issued biometric passports is. Philip Taysom is the director of Peratech Ltd., an RFID chip manufacturer that also makes an on/off switch for such devices. Using a simple RFID reader anyone could buy, he demonstrated with his son’s passport that a simple wave of the reader gleans a long list of private details.
That’s a privacy nightmare. Canada must avoid the same fate. Even a unique string that can be used to identify the cardholder is potentially privacy invasive.
The biometric passports must be in the control of those that own them. The Government should also seriously consider whether everyone absolutely needs one, or if it is an optional convenience for frequent border hoppers.