Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


If I have nothing to hide, then why should I be worried?

The technology of biometrics is still fraught with problems. A system the size and scope of US-VISIT has never been attempted. And as the system grows, the problems grow alongside it.

The inevitable problem facing large biometric systems is that biometric prints are often unstable and fallible. Some people cannot for physiological reasons be enrolled in a biometrics system. The physical characteristics and circumstances of numerous people means the biometric will change over time. This means there must be a margin of error in biometric registration and verification. And as the system grows in size, so must the margin.

There are three distinct problems that can result from deployment of a large biometric system. The first is described as the Failure To Enrol Rate (FTER). This occurs when a person’s biometric is either unrecognisable, or when it is not of a sufficiently high standard for the machine to make a judgment. The second crucial indicator is the False Non-Match Rate (FNMR) that occurs when a subsequent reading does not properly match the properly enrolled biometric relating to that individual. The third problem is where there are so many biometric identities in a system – or where the margins are set so tightly – that people are falsely identified as someone else. This is known as a False Positive.

A GAO report makes the point that the FNMR for fingerprinting can be extremely high – up to 36 percent.

If major countries follow the U.S. lead, as appears to be likely, then it is probable that within ten to fifteen years a global biometrics and data system will contain a billion identities. The potential for mass error in such a system cannot be overstated.

The integrity of the entire process depends on the integrity of each individual part. Fingerprinting is not a simple process, and matching fingerprints to an individual is even more difficult. Two percent of all humans cannot be fingerprinted, particularly if they are manual labourers. Facial recognition is even less reliable. It incurs a 15% error rate as a person ages. When combined with other information sources, the problem increases dramatically. Some reports claim that 70% of credit information is inaccurate. Criminal records bureaux are also faulty; in the United Kingdom 200 people were wrongly branded as having a criminal record. Even identifying the life-status of individuals is difficult: a system in London for the administration of social services had a 3% error rate on the death status of Londoners. Even the highly researched passenger profiling system in the U.S. has a predicted 4% error rate.

Even if you have nothing to hide, you may be wrongly identified as a suspect individual. You may be prevented from travel or prevented entry to the U.S. In December 2003 a flight from Paris was prevented from taking off because the authorities identified a 13 year old boy as a terrorist suspect. In the U.S., the Identix fingerprinting system led to the wrongful imprisonment of an individual for 43 days on the charge of carrying a firearm as a convicted felon; even through the felony on his record had been committed by someone else. Another individual had his restaurant business destroyed by a false record of a criminally negligent homicide conviction.

Most interesting is the case of Brandon Mayfield. After the Madrid Bombings of March 11, 2004, Spanish National Police managed to lift a fingerprint from an unexploded backpack. They asked for international assistance in identifying the fingerprint. Three highly skilled FBI fingerprint experts declared that Oregon lawyer Brandon Mayfield's fingerprint matched. U.S. officials called it "absolutely incontrovertible" and a "bingo match."1 As a former U.S. soldier, his fingerprint was on the national fingerprint system. The FBI searched his home, vehicles, and safe deposit box, and found a variety of items that supported their belief that Mayfield was linked to the Madrid bombings. Mayfield was imprisoned for two weeks. The fingerprint, however, was not his.

According to one law professor,

    “The Mayfield misidentification also reveals the danger that extraneous knowledge might influence experts' evaluations. If any of those FBI fingerprint examiners who confidently declared the match already knew that Mayfield was himself a convert to Islam who had once represented a convicted Taliban sympathizer in a child custody dispute, this knowledge may have subconsciously primed them to "see" the match. ... No matter how accurate fingerprint identification turns out to be, it cannot be as perfect as they claim”.2

And yet this system is deemed infallible for use in identifying problematic individuals at the U.S. Border. According to Secretary Ridge in September 2004,

    “[B]ecause we acted swiftly and we included biometrics, more than eight million people have been admitted to the United States with biometric identification of their identity and more than a thousand people have been matched to watch lists. And again, speed of action and the hard work of many extraordinarily dedicated people have made America safer.”3

Later in this same statement, however, the Department of Homeland Security claimed that

    “This new tool means that we have a much better idea of who is entering our country. If a traveler’s finger scan hits a match on the terrorist watch list, the Department is able to stop them from entering the country at the border. Over 200 people have already been turned away from our borders using this new system.”4

What happened to the other 800? Without open reporting of the effectiveness of the measures in US-VISIT, we cannot accurately determine the scope and implications of wrongful identification of individuals. The wrongful identification of fingerprints is likely to increase as the number of biometric identities held in the U.S. government databases increases. With 300 million visitors to the U.S. every year, this will result in the largest fingerprint database in existence. The likelihood of wrongfully matching fingerprints increases exponentially.

Even future developments in technology do not promise better results. Recently, experts have even come out against even more credible forms of identification. In a recent speech, the father of DNA fingerprinting warned that DNA fingerprinting was increasingly problematic and inaccurate, particularly as more and more of these fingerprints are collected. He warned against collecting DNA indiscriminately,5 even as countries around the world are amassing this information on just about anyone.

Security expert Bruce Schneier concludes that the 15 billion dollars being used to develop this system would be better spent on other projects. This is particularly so because 200,000 people illegally enter from Mexico every year, while he claims that we are merely alienating allies. He contends that the reason US-VISIT exists is only because 'politicians like big-ticket security programs'.6 Politicians need to wake up and recognize the risks of this program and call for its dismantling.


  • 1. Mnookin, Jennifer L. 2004. The Achilles' Hell of Fingerprints. Washington Post, May 29.
  • 2. Mnookin, Jennifer L. 2004. The Achilles' Hell of Fingerprints. Washington Post, May 29.
  • 3. Ridge, Tom. 2004. Remarks for Secretary Tom Ridge at National Press Club, Department of Homeland Security. September 7.
  • 4. Department of Homeland Security. 2004. Fact Sheet: An Overview of America’s Security Since 9/11, September.
  • 5. Jha, Alok. 2004. DNA fingerprinting 'no longer foolproof'. The Guardian, September 9.
  • 6. Schneier, Bruce. 2004. US-VISIT Is No Bargain. eWeek, July 6.