Archive for the ‘Surveillance’ Category

Against surveillance: more on the national ID card

October 13, 2008

Dy Shahidul Alam and Rahnuma Ahmed, NewAge, October 13, 2008

 Rahnuma Ahmed writes

My last column had ended with these words: ‘The current regime’s voter registration list has, in all probability, lessened the likelihood of fraudulent votes. But it also has, in all likelihood, laid the groundwork for installing a new regime of surveillance, one that will be deployed against the citizens of Bangladesh’ (‘National ID Cards: In the Interest of Surveillance?’; New Age, September 29).
   

Little did I know when I wrote it that Bangladeshi bloggers had intensely debated the pros and cons of national ID cards four weeks earlier (see http://amarblog.com/ashique-hasan/6501#comments). The discussion in amarblog.com had been generated by Ashiq’s Amra O Pari post, eulogising the electronic registration of voters, a feat that was termed a ‘silent revolution’. Ashiq wrote, at first, no organisation had expressed its willingness to complete the task within the period stipulated by the government, not even foreign companies. Sky-high figures had been quoted. But fortunately, the Bangladesh army had submitted its own proposal to the government, just like any other organisation. Its budget was also the lowest.
   

A person who writes under the name of Incidental Blogger had raised these questions:
   The Bangladesh army’s budget was the lowest – what is your source of information? Do you know who were the second and third bidders? Do you know why the latter failed to secure the contract?
   Who was in charge of the selection process? Who were the committee members? Could you tell us how much freedom they had in reaching their decision, and your source of information? Was any internationally-recognised independent evaluator assigned?
   What were the criteria for selection?
   

Chor, another blogger, commented further down, the national ID card project is the task of the Election Commission. Of course, the EC can request the help of the army, this is not the problem. The problem is when public money is used to charge the public for services rendered.
   Incidental Blogger further wrote, the ID card issue is linked to the issue of individual freedom, privacy, etc, this is why western governments are finding it difficult to get their own electorates to agree. Not mincing words, he wrote, does the caretaker government in Bangladesh have the right to make a decision on something as fundamental as the national ID card, something that is a matter of state policy? Did it not happen very conveniently, almost too easily? Are you sure this information will not be shared with western intelligence agencies? He went on, you may look at it positively, but I look at it as the first step in Bangladesh turning into a fascist state. 
   

I read and re-read the blog. It is good to know that my fears are shared by others. 
   

While researching for my previous article, I had surfed the internet for information, and learnt that the voter roll project in Bangladesh was a ‘co-operative venture’ between BIO-Key in the US, TigerIT in Bangladesh (their ‘systems integrator on the ground’), and the Bangladesh army. 
   

I had asked Shahidul when he came home whether he knew of TigerIT Bangladesh. No, never heard of them, he said. Hmmm, I said, their webpage says, the cofounder and chairman is Ziaur Rahman, it lists a Joseph Fuisz, as the cofounder. And guess what, a Daily Star Weekend magazine article on Info-Tech says, `TigerIT Bangladesh Limited is an offshore technology campus of TigerIT, USA, with its corporate headquarters located in Northern Virginia’ (March 2, 2007), but this is not mentioned in their website. 
   

Shahidul became curious. Read what happened next, in his words.
   
   

Shahidul Alam writes
  

 I knew about Tigers. There were the Bengal Tigers, our cricket team, even Tiger Beer. TigerIT was new. Having initiated DrikTap, the pioneering email network in Bangladesh in the early nineties, I thought I knew about the IT scene in the country. So when Rahnuma told me about this ‘cutting edge’ Bangladeshi company, I asked around amongst IT savvy peers. No one had heard of TigerIT. A quick search of the ‘who is’ database revealed that the domain tigeritbd.com had only been registered on 21st August 2007. So when on the 1st May 2007, the chief election commissioner had said the ‘countdown of the 18-month timeframe starts from today,’ the domain http://www.tigeritbd.com did not even exist! 
   

A quick search on Joseph Fuisz, the cofounder of the company, revealed that he was based in Washington DC. Since I was scheduled to give a presentation at the National Geographic in DC, I dropped Mr Fuisz a line asking if I could interview him. The ‘out of office’ response was followed by a mail saying he was away on a family holiday in Miami. It just so turned out, that I was presenting at Miami University on 30th September. I suggested we meet in Miami and provided my itinerary. Upon arrival at Miami, I received the following mail, ‘Unfortunately, I have been tied up in meetings all day today. Thus, I am sorry that it does not appear I will get to see you in Miami.’ This was the man who was away on a family holiday for a week. I offered to meet papa Fuisz (Richard C Fuisz, MD), in Washington DC. I should have anticipated the response: ‘I am so sorry — your prior email did not come through (I just found it) and so I did not forward it to my Dad’s assistant. I think it is too late to schedule now. Please accept my apologies. I will email you some things about Tiger and hope to meet in you Bangladesh some day – very best, Joe Fuisz.’ 
   

I’ve had no further correspondence from Fuisz.
   
   

Rahnuma Ahmed writes
   

If you had met him, what would you have wanted to know, I ask Shahidul. His list of questions was ready: 


(1) What were the factors leading to a newly formed company, TigerIT BD, being able to obtain such a prestigious and lucrative contract? 
   

(2) What are the implications of having a biometric database for Bangladesh? Who might benefit from this data, nationally and internationally? 
   

(3) Does your company TigerIT (the parent company of TigerIT BD) have any previous experience of working in Bangladesh or the region? 
   

(4) Why did you choose to work with relatively inexperienced people in Bangladesh and set up a new company rather than teaming up with existing IT companies with a track record? 
   

(5) Who are the main clients of your company TigerIT (the parent company)? 
   

(6) What is your equity in TigerIT BD?
   He grinned and added, but of course, I sent him a very general note saying we were fascinated by the news of what they had done and wanted to do a feature on the company for DrikNews.
   

So, why are western citizens concerned? As Peter Boyle asks, what’s the fuss behind another little piece of plastic? What is dangerous is not the card itself, he says, but ‘the mother of all databases that is behind a compulsory national ID card system.’ Chris Puplick, a former Liberal Senator who was a member of the joint select committee on the Australia Card, speaking of his ‘fear’ of national ID card systems wrote, ‘Should 20 million Australians have their liberties trashed so that we might – I repeat might – detect the two or three mad jihadists in our midst? Will files now be created on the basis that people belong to a certain religion, attend particular places of worship or hold specific political opinions?’
   

Does the national ID card system help to combat terrorism? Privacy International (PI), a global human rights group, in a 2004 study on the relationship between national ID cards and the prevention of terrorism was unable to ‘uncover any instance where the presence of an identity card system’ was a significant deterrent to terrorist activity. I remember coming across a blog comment somewhere: ‘Want to be rid of terrorism? Pull troops out of Afghanistan and Iraq.’ Another blogger had said, ‘Governments quite often frighten me more than terrorists.’
   

Some Bangladeshis – still carried away by the present military-backed caretaker government’s drive against corruption – may think that it will help clean up corruption. As a blogger had commented in drishtipat: ‘Like driver’s license renewal or getting cars inspection every year, the national ID card… will have huge impact on and spectacular change in the society.’ Those pro-ID cards probably don’t know that computer disks containing detailed personal information on 25 million individuals, and 7.25 million families in Britain, went missing last year. Personal information included names, addresses, national insurance numbers, and data on almost every child under 16. According to experts, the information ‘could allow crimes beyond identity theft,’ since some people use a child’s name or part of their address as password on their bank account. In other words, a combination of these details could allow criminals to break their code. Another critic says, if a government or criminal wanted to frame someone, amending, erasing, or adding to the details on one’s medical records, employment history, could be easily done, since all information would be stored on a single device.
   

Khushi Kabir had left a comment on my column at Shahidul’s blog, speaking of her own disturbing experiences: ‘What was also worrying was the religious and other profiling done, albeit arbitrarily in majority of cases, despite that this information was not asked for in the form filled up prior to getting photographed or finger printed. My big teep must have confused them, so they asked for my religion, which I did not find necessary to provide them, or any other information that was not on the form. Others were not asked but religion was put on the basis of their “assumption”. When challenged as to why they needed my religion or to keep it blank they stated that they were required by the “authorities” to profile it. Shireen Huq had a similar experience. They informed her there was only space for four religions in the database, i.e. Muslim, Hindu, Buddhist and Christian. No scope for others. This kind of information can be potentially frightening.’
   

Of course yes, Khushi. As Jim Fussell of Prevent Genocide International points out, ethnic classification on ID cards in Rwanda, instituted by the Belgian colonial government and retained after independence, spelled a death sentence for Tutsis at any roadblock. No other factor, says Fussell, was more significant in facilitating the speed and magnitude of the 100 days of mass killing in Rwanda that left 800,000 dead. 
   

The near-deafening silence of Bangladeshi human rights organisations and activists on the national ID card issue is remarkable. I wonder why? Are their campaigns waged against ‘locals’ only – the neighbourhood bully, the local rapist, the village acid-thrower? Do they shy away when human rights violations are caused by ‘big’ actors? Does speaking out against Big Brother’s ‘war on terror’ fall outside the prescribed terms of reference? 
   

Do not misunderstand me, fighting against local power structures has not always been easy or convenient, as their own records of struggle show. But it is a global world, and we should learn from the African feminist who had said, I am oppressed not only by my patriarchal village headman, but equally so by the IMF and the World Bank. And I add, by western regimes who are waging terrorist wars against the world’s peoples.

Advertisements

National ID Cards: In the Interest of Surveillance?

October 2, 2008

By rahnuma ahmed*

Official: “You ought to have some papers to show who you are.”
Protagonist: “I do not need any papers. I know who I am.”
Official: “Maybe so. But others are also interested in who you are.”

– Kafkaesque journey of American sailor who has lost his identity papers, B. Traven, The Death Ship (tr. 1934)

Photo: NewAge

A non-fraudulent voter list, `a priceless gift to the nation’

Praise was due. And it was given.

Ms Renata Dessallien, UN Resident Coordinator and UNDP Resident Representative, at a function marking the celebration of the successful completion of voter registration, organised by the Election Commission on July 22, spoke of it in glowing terms. It was “a truly historic achievement,” because never before “have so many people been electronically registered in such a short time” in any other country in the world. What was impressive was the immense scale of the undertaking, the accuracy of the list, the elimination of duplicate and fraudulent entries. “If there were a Nobel Prize for voter lists, Bangladesh would be the clear winner!”

The Chief Advisor Dr Fakhruddin Ahmed termed it a “milestone,” one that would enable not only the upcoming elections to be “free, fair and credible” but also, future ones, by setting high standards. The Chief Election Commissioner ATM Shamsul Huda, called it a “memorable event in the annals of country’s history.” At an earlier event, “Celebrating the Halfway Mark of Voter Registration” held in early March, the Chief of Army Staff General Moen U Ahmed had voiced hopes that it would “lay the foundation for building a meaningful democracy.”

A similar nationwide voter registration venture had failed in 1997 because the names and pictures of most people did not match, and many had failed to turn up to register at the appointed time. The nation, as a result, had been Tk 115 crore poorer. A proposed integrated project of Machine Readable Passports (MRP) and National Identity Cards (NID) in 2005 had been budgeted at Tk 1,400 crore. Its completion would take 5 years, the first year would be a “test” period. The 2006 voter list, prepared by the past EEC Justice MA Aziz for the 2007 elections had been faulty, it had registered an excess of 1.2 crore voters, leading to a political impasse that helped usher in the current military-backed Fakhruddin government.

In comparison to all previous efforts, the current effort has yielded a faultless voter list, one that is computerised, consisting of a data-base of 80 million 500 thousand 723 voters with photographs and fingerprints. It has cost only Tk 424 crore, one-third of the 2005 estimate, and has been successfully completed in a mere 11 months. The Election Commission was the sponsor and the coordinating agency, the Bangladesh army was the operational agency. Together they coordinated the huge logistics in a “very tight time frame”, as Major General Shafiqul Islam, Military Secretary, Bangladesh Army, said in an interview to find Biometrics, `we required 12,000 laptops to be deployed throughout the country, 8,000 printers, paper, toner, train a staff of 18,000 computer and enrollment personnel, in a situation where on an average data was collected on 300,000 to 400,000 people daily.’ The resulting electoral rolls, perhaps one of the largest electronic databases in the world, will definitely be the largest among developing countries.

A survey of the voter registration process funded by the UK Department for International Development (DFID) announced it to be of international standard, in the words of one of the consultants, “a list of quality no less than that of America or England.” The UN is said to be considering replicating this model in other developing countries.

The current voter list, as one of the national English dailies commented in its editorial, is “a priceless gift to the nation.”

The National ID Card, `an offshoot’

The EC project was titled the Preparation of Electoral Roll with Photographs and Facilitating the Issuance of National Identity (ID) Card. In the words of Mike DePasquale, Chief Executive Officer of BIO-Key International Inc, a US-based company which is a leader in finger-based biometric identification and wireless public safety, the NID was “an offshoot” of the voter registration project — a “co-operative venture” between BIO-Key in the US, Tiger IT in Bangladesh, and the Bangladesh army.

Brigadier General (Retired) Shahedul Anam Khan, a defence analyst, thinks the government did well to undertake both projects simultaneously. Up to a stage, “the modalities involved for the preparation of both” like basic data collection and cross checking, are similar. The ID Card was a “spin-off,” which, if it had been put off for later, would have cost more.

But, for people on the ground, the two were not as separable. M Sakhawat Hussain, one of the Election Commissioners, puts it in words closer to how we, as potential voters, experienced it, “No one will be listed as a voter without the registration of the name on the electoral roll and no one will get the national ID card.”

Advocates of e-government are also advocates of national ID cards, for instance Farooq Sobhan, M. Shafiullah and others write in a Study of eGovernment in Bangladesh (Bangladesh Enterprise Institute, April 2004), “Bangladesh should take active steps to initiate a project for national ID” because it will provide an important base for the provision of eGovernment services “efficiently and in a personalized way,” to citizens who will have unique ID numbers. I came across several Bangladeshi bloggers who seemed to hold similar views. According to one, it would be “a solution to many problems,” a national database would hold information from voter lists to tax records, it would make easier many tasks from machine-readable passports to criminal investigations. According to another, the digitisation of national-level information would make governance procedures “more scientific.”

The EC has drafted an ordinance making national ID cards mandatory for citizens, ‘for getting any services from the government, its departments and institutions or from any statutory government offices.’ Twenty two services are listed, these include the issuance and renewal of passport, driving licence, trade licence, tax identification number, business identification number and bank account. It also states that nobody will get government subsidy facilities, allowance and relief if they do not have identity cards. Very recently, the council of advisors approved the formation of the National Identity Registration Authority Ordinance 2008. It authorises the home ministry to provide national ID cards. Under the proposed ordinance, the EC will hand over all information that has been collected — data and biometric features of the citizens — to NIRA, a statutory body. The ordinance declares false information, forgery, having more than one ID card a criminal offence, punishable by three months to seven years rigorous imprisonment, along with monetary fines.
That confusion exists among people in general — the beneficiaries of the national ID card — was revealed during the four city corporation and nine pouroshobha elections held recently. Voters had come to the polling centres with their national ID cards, and were confused over why the serial number of their ID cards did not tally with the voter serial numbers. This resulted in delays in vote casting, and in long queues. Voter identity cards had been given in the 90s, or torn-off slips containing registration numbers, and as a newspaper report states, during the recently-held local-level elections, the common perception had been that the `ID card was to be used for voting purposes.’ Reports say, polling officers had been similarly confused. M Shakhawat Hossain, Election Commissioner, blamed the media for publicising what in effect was a `national ID card’, as a `voter ID card’, even though, according to him, the EC had carried out a huge campaign to clarify the differences between the two.

The ‘largest biometric database in the world’

What is less public knowledge is that the four fingerprints of each voter that was captured with BIO-key’s fingerprint ID software, and FBI-certified fingerprint readers, has already generated over 300 Million ISO fingerprint templates. Combined with the 400 million projected to be generated, it will become by far the largest biometric deployment in the world.

Duplicate registrations are being accurately identified says Ziaur Rahman, Managing Director of Tiger IT BD Ltd. (Tiger IT), a company that is a leader in both prepackaged and customized software solutions and was BIO-Key’s “systems integrator on the ground,” at a speed of “one million matches per second on a single processor.” Tiger IT Bangladesh’s website provides further information on the national ID card (by the way, the domain tigeritbd.com was registered as recently as August 2007). The card includes a standard barcode which is encoded with ISO fingerprint templates, and PKI digital hash. These can be used to quickly verify the identity of the cardholder while ensuring the integrity and authenticity of the ID card. The Cognitec Facial Recognition Software has been used to capture facial images.

While Renata Dessallien enthuses over how “modern technology” enables the prevention of vote theft, and DePasquale prides on how BIO-Key’s patented technology is “performing better than anything else in the market for finger matching,” I have simple questions to ask: who owns my fingerprints? how will it be used? can NIRA transfer it to government departments within Bangladesh without my knowledge? or, maybe even outside the country’s borders? As the British government did when it passed more than 500 samples of DNA to foreign agencies, but when asked “no one seemed to know” to which countries.

The European Comission recently proposed the harmonisation of security features on passports across the European Union. The proposal, introduced in October 2007, requires Member States to take measures to introduce biometric features, including fingerprinting, on passports and travel documents. The fingerprints would be stored in a centralised database. The European Union Data Protection Supervisor, Peter Hustinx, who is in charge of safeguarding the personal data and the right to privacy of EU citizens, has expressed his concern since it fails to “adequately safeguard the right to privacy of EU citizens.” He says, the Commission failed to consult with his office prior to submitting the proposal, as required by EU law.

The current regime’s voter registration list has, in all probability, lessened the likelihood of fraudulent votes. But it also has, in all likelihood, laid the groundwork for installing a new regime of surveillance, one that will be deployed against the citizens of Bangladesh.

First published in New Age on Monday the 29th September 2009

*Rahnuma Ahmed is an anthropologist based in Dhaka, Bangladesh. Contact: rahnuma@drik.net