III. Privacy issues
Frequent searches and demands for identification also occur at the large number of checkpoints established nationwide. These checkpoints can be controlled not only by U.S. or Iraqi security forces, but also by vigilante groups. The U.S. State Dept. reported checkpoints operated by armed militias appeared in earnest after February 2006. These checkpoints purported to be for neighborhood safety, but were often used to identify and murder Iraqis based on religious affiliation.1 Numerous reports have indicated that Iraqis regularly risk death if they are proven to be of a different sect than gunmen at a checkpoint.2 In July 2006, Shiite militiamen established a fake checkpoint and killed up to 50 Sunnis after examining their identification documents.
Likewise, Palestinian refugees in Iraq have long experienced discrimination and threats to their safety based on their state-issued identification documents, which visibly differ from those that Iraqi citizens receive. Particularly after sectarian conflict flared in 2006, numerous reports surfaced of Palestinians who were murdered after being identified through their documents.3 Because names are associated with religious and ethnic identity, many Iraqis reportedly change their names or carry illegal fake IDs to avoid being murdered by rival sects.4 However, this protective measure is eroded by the spread of biometric information databases.
The U.S. military was working on a biometric database of Iraqis since at least 2003, when U.S. interrogators collected fingerprints and other bodily information from prisoners of war and suspected loyalists to Saddam Hussein. This information was then routed to databases operated by U.S. federal agencies, including the CIA, FBI, State Department and Department of Homeland Security, who utilized it to track individuals in Iraq and also foreigners seeking entry to the U.S.5
Iraqi biometric collections have expanded since the inception of the original database. In 2007, U.S. troops began using mobile scanners to take fingerprints, eye scans, and input other personal data from Iraqis at checkpoints, workplaces, the sites of attacks, and door to door canvasses.6 This information was then collected in a massive identification database of Iraq citizens and administered by the U.S. military. However, there is as yet no indication of any privacy safeguards protecting against the risk that this information will be used to fuel an ethnic cleansing. Under this system, Iraqis who refuse to release their data can be barred from markets or neighborhoods that require an ID to enter. Virtually no one refuses.7
In July 2007, NGOs Electronic Privacy Information Center (EPIC), Privacy International and Human Rights Watch issued a letter concerning the Iraqi biometric database to the US Secretary of Defense.8 The letter pointed out that the database presented a grave risk if its contents were ever disclosed to extremists, including those within the Iraqi government. The coalition's letter urged the Secretary to adopt strong privacy safeguards to prevent unauthorized access and disclosure of the database‚ contents. Noting that the Nazi and Rwandan governments had utilized identification records in order to more easily distinguish their genocidal victims, the letter urged the Secretary to develop measures to prevent misuse of the database. 9
- 1. Id.
- 2. http://www.nytimes.com/2006/09/06/world/middleeast/06identity.html
- 3. http://news.bbc.co.uk/1/hi/world/middle_east/5162510.stm
- 4. Id. at 33. See also Edward Wong, "To Stay Alive, Iraqis Change Their Names," supra.
- 5. http://www.informationweek.com/story/showArticle.jhtml
- 6. http://www.usatoday.com/news/world/iraq/2007-07-12-iraq-database_N.htm
- 7. Thomas Frank, "U.S. is building database on Iraqis," supra.
- 8. http://www.epic.org/privacy/biometrics/epic_iraq_dtbs.pdf
- 9. In August 2007, EPIC also issued a Freedom of Information Act request Seeking US Department of Defense records concerning appropriations and contracts awarded to companies to carry out Iraqi biometric data collection projects, as well as policy statements, regulations or rules governing the storage and use of the collected data.