By Don Quijones, publisher of Raging Bull-shit and editor at Wolf Street. Cross posted fom Wolf Street
On October 30, the French government announced, as quietly as possible, the creation of a massive new database that will collect and store personal information and biometric data on nearly everyone living in the country. As tends to happen whenever a government seeks to enact this type of “reforms,” the law wasn’t passed by parliament but by decree on the eve of a national holiday.
As France 24 reports, the new decree will affect 60 million people and “marks the first time the country has collected population data on such a scale since the start of the Nazi Occupation in 1940.”
The move has sparked outrage from civil rights groups as well as French media, with weekly magazine L’Observateur describing it as “terrifying,” and daily newspaper Libération dubbing it a “mega database that will do no good”. The National Digital Council (CNNum) “laments” the government’s lack of prior consultation and highlights the “many concerns” the new decree raises. “In a digital world where code is law, the existence of such a database leaves the door wide open to likely and unacceptable excesses,” it said.
The new database, known rather optimistically as Secure Electronic Documents (Titres électroniques sécurisés or TES) will store an individual’s name, date and place of birth, gender, eye color, height, address, photograph, digitized fingerprints, facial features, e-mail address, and the names, nationalities, dates and places of birth of parents. The aim — according to the government — is to make it easier to obtain and renew identity documents, and to aid in the fight against identity fraud.
Unlike a similar law proposed by Nicholas Sarkozy’s conservative government in 2012, which was shot down, the new database will only be used to authenticate individuals, not to identify them. In other words, it will be used to confirm that someone is who he or she claims to be, not to discover, say, the identity of someone whose biometrics have been found at the scene of a crime.
However, the potential for mission creep cannot be discounted. As an article in NextInpact points out, once the database exists, it is highly likely that there will be calls for it to be used for identification purposes, simply “because it is there.” There’s also good reason to suspect that a future government “will modify the aims,” as warns Gaëtan Gorce, a French senator and member of the National Commission for Information Technology and Civil Liberties (Cnil) who likened the TES to a “sort of monster.”
According to today’s government, the biometric data stored on the database could be used to identify criminal suspects only if “violations of the fundamental interests of the Nation and acts of terrorism” are involved. But who gets to decide what constitutes a “fundamental interest of the Nation” or, for that matter, “an act of terrorism”? [That was a rhetorical question, of course].
A Hacker’s Paradise
Another major problem with centralizing biometric data to this extent is that you make it a lot easier for it to be compromised. What’s to stop an insider from copying this data onto a drive and walking out with it, as Snowden and others have, including those who took Swiss banking data to the French and German authorities for money laundering investigations? This data would then most likely be sold online, on the so-called darknet.
“No computer system is impenetrable. All databases can be hacked. It’s always just a matter of time,” thundered French left-wing politician Jean-Jacques Urvoas in a 2012 blog post against Sarkozy’s proposed biometrics super database. Urvoas is now justice minister in Hollande’s government and hence is directly involved in drawing up the new decree, which bears a striking resemblance to Sarkozy’s earlier initiative.
If biometric data is compromised, it is a far more serious issue than a compromised password or an account. You can create a new password many times. But you can create your biometrics only once. If they’re compromised, they remain compromised forever.
There’s still a possibility that France’s constitutional council will throw the new law out, as it did with Sarkozy’s. If it doesn’t, TES risks establishing a very dangerous precedent.
Until now the most extensive biometric data retention schemes have been rolled out (perfected?) in war zones like Iraq and Afghanistan. Israel is also on the verge of creating its own centralized biometric database. But if TES were allowed to stand, France would become the first G7 nation to attempt to build a completely centralized, all-inclusive biometric database. And that would send a very clear signal — i.e. green for go — to other ostensibly democratic nations.
There’s also the fact that after Germany, France is the country with the most influence over the future direction of EU policy. The EU already has a biometrics super database called the Visa Information System (VIS), which is the largest shared database on maintaining public security, supporting police and judicial cooperation, and managing external border control in Europe.
If the elected representatives of the 66 million people of France can pass into law a completely centralized system of biometric data storage with absolutely no public consultation whatsoever, what’s to stop the European Commission’s ranks of faceless, unelected, power-hungry appointees from doing the same? Nothing.
Besides aspiring to becoming a pioneer in the collection and use of personal data of all its citizens, France’s government is also one of the most ruthless combatants in the global war on cash, which is progressing on schedule. The Alliance is in place. Read… Who’s Powering the War on Cash?
I think it’s important to separate this into two components — the idea of such a national identity database and the methods of its creation and operation.
The idea of having a complete record of every citizen is not intrinsically a bad one, just as having a reliable national identity card system offers some useful benefits. The world has changed since the 18th century, and the need to be able to identify and be identified with it. I don’t personally like it, and still, I see the need.
Any such system of identification will have a powerful effect on society, and should only be considered and adopted as part of a thoughtful and open conversation about its benefits, risks, and safeguards. NC is right to focus on this and abhor any stealth implementation. Unless citizens understand and approve, no such sytem should be allowed.
Let’s have the conversation, now and openly — national ID is coming.
I agree that National I.D. is coming. The real question is how it’s going to be used, and secondly, as I mention below, how it’s use will be controlled.
India implemented this already with ten fingerprints, an iris scan (!), and verified mobile phone number, they have those registered now for 970 million people, it’s called Aadhar. They started in 2009.
Now they have outlawed the current 500 and 1,000 rupee notes, you have until December 30 to *show ID* and turn in your old notes and have the amount credited to your bank account. They have printed new notes and the old ones will no longer be legal tender.
Bail-ins will be super easy, oh joy. Coming to a G-7 country near you.
This is my second try at a response. Number one went off to feed the Skynet Beasts earlier this morning.
Ah hah! The sinister beauty of the scheme becomes clear. This Indian currency “reform” is really a massive push for rent extractions for the FIRE sector in India.
So, our protagonist, who lives day to day in a direct exchange cash environment, must now turn in all his or her R500 and R1000 bills to a bank, public or private doesn’t matter. This money is now visible for taxation processes. Cut number one goes into the governments pocket. Then, the hapless ‘citizen’/’consumer’ can only get back out a certain amount of cash per day and week. Squeeze number two benefits the banks due to said banks power of being a forced intermediary for financial transactions. Third, and more nebulous but still important is the governments acquisition of vast data streams describing the money flows going on within the nation’s economy. The power of the government to “guide” the overall economy takes a big jump up. Finally, the precedent set is pernicious in the extreme. Now all private economic transactions are demonized. Guilt by association can be a powerful tool to exert control with.
If this is coming soon to a G-7 country near me, I’m going to continue my meagre ‘prepping’ program.
What ever happened to privacy?? This is all to bring in NWO. What planet you are on? This is sick and wrong on every level. So invasive and you do have a right to privacy…..obviously you don’t think YOU will be affected. This is a hackers wet DREAM!
It’s nauseating isn’t it. The National Security State for everyone! This is one of THE defining strands of conservatism. Here are people that are constantly complaining that true liberal and true progressive politicians aren’t truly true liberal and progressives blithely accepting that this is the way it has to be.
Note the vague benefits, risks and safeguards language and get ready for the policy proposals. Here we go again: liberal politicians will support this but will want to assist the poor in paying for the ID which will require more bureaucracy and progressives will come up with a regulatory regime and of course, it will drift into neo-liberal financialization schemes (I can smell the privatization already)
Liberals and progressives claim that Rs purposefully misdefine them to confuse voters. I think the voters have got the nature of the D party down and correctly stayed home.
Putting on my tinfoil hat for a moment; there is the very real threat that “less scrupulous” members of the status quo can use such a data base to manufacture evidence against “enemies of the State” with this information.
The abuse of power is a given. Human nature hasn’t been “perfected” over the last hundred thousand years or so. The argument can be made that this data base will happen, no matter what. If so, the rules, and more importantly, the enforcement mechanisms for those rules, that govern the “acceptable” use of the data are of paramount importance. Opponents of this data miners paradise should start at least a decade ago formulating methods for managing and or disrupting the system that will be put in place. Just as the Right has it’s covert operations cadres in places where they can influence events, so must the Left prepare. Simply because it’s ‘in the shadows’ doesn’t mean there isn’t a contest for power going on.
If you actually read the text of the decree it’s considerably less exciting than it appears in the media. No information is actually being collected: what’s happening is that the information that has to be provided in order to have a national identity card (compulsory for French nationals) or a passport is going to be centralised, as opposed to being in a large number of local databases. The list of data that has to be provided is pretty standard, so far as I can see, for a passport application in any country. I don’t know, but I suspect that any country that has a centralised system of passport applications (like the UK) already has such a national database. In France the process of applying for such documents is heavily decentralized, so checking whether the identity card of someone picked up by the police is a forgery or not can be difficult and time-consuming. The decree is about a new “method of handling data”, not collection of new data. Any system can be hacked of course, and details of your height and date of birth leaked, but that information already exists in databases, and can be hacked now.
In France, decrees can be struck down if the court thinks that they go beyond what is provided for in existing laws, and give the government powers that have not been voted by Parliament. As is usual, the preamble to the decree quotes a long list of laws, decrees, institutions consulted etc. which provide this context. A court could, however, decide that this decree (like the last one) went beyond the powers the government had, or that alternatively it contradicted another law. That will take time to become clear, but normally laws go to the Conseil d’État, the highest administrative authority for checking, and the preamble says this has been done. The Conseil is very jealous of its independence, and pretty bolshy about rejecting things it thinks are wrong.
How can we encourage Jubilee when all my debts and obligations are documented in the “cloud”? One doesn’t “secure” these tethers with the intention of “forgiving” them.
Anyone recall that when plans for E-ZPass were announced there were outcries about loss of privacy?
Not to worry, assured the officials responsible for the plan, E-ZPass information would only be used for billing purposes. Plus, dear citizens, the savings from employing fewer human toll takers would benefit all taxpayers and tolls would not have to be raised as much. And the time savings for drivers would result in shorter commuting times. What’s not to like?
IIRC, it took very little time for such records to be requested by divorce lawyers and demanded by law enforcement entities. Now, there’s concern that authorities can track cars wherever they go, in addition to monitoring whether drivers pay their tolls…. What’s not to like?
Good luck with squelching this, mes amis.
And, what is wrong with Hollande? He’s adding Big Brother Authoritarian to his Austerian Corporatist creds?
David, I so hope your take on this is correct.
Such passes can also be used to prove that a driver was speeding. See the FL Turnpike, for example, as a ripe target.
The irony of this occurring under a ‘progressive socialist” PM who back in August said that “Donald Trump’s Excesses Make People Want to Retch” should be lost on no one.