David C

Forgive me, but I am comparing two not dissimilar Western democracies, whose legal principles are broadly similar (the right to bear arms notwithstanding). Many comparisons are routinely drawn between our two countries. It may be a somewhat extreme example, but you can't tell me that the statement above isn't true. It is totally unjustified and out of all proportion to routinely fingerprint children at school, putting their future biometric identities at risk, just so they can buy more chicken nuggets (as we are led to believe by vendors). Broadly speaking, it's the difference between government paranoia and a democratic system based on trust. You disappoint me, however. I thought you were going to take issue with the substantive points I raised in my first email on this thread. For example, I was happy to be corrected by Cyclone on the difference between codes, ciphers and encryption, since I was inadvertantly not comparing like with like, and it is not my intention to mislead. We have subsequently amended all references to the Enigma code on the LeaveThemKidsAlone website to include a brief mention of the DES algorithm. So, as you do not seek to present a reasoned point-by-point rebuttal of the argument I have presented as to why it is absolutely premature for schools to be using biometrics (certainly without even having the common decency to seek informed parental consent) I guess that apart from stylistic differences, you and I are in agreement, on the big picture then?? Moreover, whilst I would be delighted for your children to be fingerprinted if you so wish I consider the pompous arrogance of those driving this policy (ie directly from Whitehall) as totally outrageous and unacceptable.

Well, as far as I am aware, nobody follows children around collecting their fingerprints and storing them in an insecure database, to which the police, and possibly criminals, may gain access. I seem to remember that when bank cashpoint machines were first introduced banks claimed they were invulnerable to attack. Yet now they seem to be covered in stickers warning customers of potential fraud. If I see a car with a leaking petrol tank, it's not scaremongering to warn the owner before somebody lights a match. It's prudent to evaluate potential risks. Governments do it. Airlines do it. City analysts do it. Why shouldn't parents? If you had taken the trouble to check, we have warnings from dozens of experts; only one of them is from Microsoft (though it has to be said he is probably the foremost identity expert on the planet!) The rest are independent IT security consultants, educationalists, barristers, etc. I find it interesting that after visiting our website you don't comment on any of the substantive points we make, merely on design elements. Presumably this means you agree with our case. This is just a website run by parents, with no previous web experience, written on notepad, in their spare time. Unlike the biometric vendors, we don't have tens of thousands to spend on design. If you would like to volunteer some time to help us improve things, any assistance would be much appreciated. Our priority is to deliver our message, meet with vendors, educators, lawmakers and politicians, and protect our kids' biometric identities. We're trying to make the world a better place, not the internet a tidier place... It's a question of priorities. If a supporter of the use of conventional biometrics in schools would like to answer my first post above, point by point, I would be very happy to back up what I've stated with further evidence. We are not scaremongering, that's why you'll find a comprehensive risk-benefit analysis on our (admittedly inelegant) site.

Indeed. Perhaps I should add that the 1976 state-of-the-art 64-bit Data Encryption Standard (DES), developed by the National Institute of Standards and Technology in the US, can now be cracked on a decent supercomputer or Beowulf cluster.

There are a couple of points made by ConspiracyOo that I'd like to clarify. (I'm from the website LeaveThemKidsAlone ) Leading experts like Microsoft's Identity Architect Kim Cameron state "It is absolutely premature to begin using 'conventional' biometrics in schools". It's true that what's stored on these systems is not an image, but this is just a red herring put about by vendors and manufacturers. What is stored is actually a fingerprint template; it's the modern equivalent of a fingerprint, as used by the police, etc (a bit like the difference between a drawing and a photo). A fingerprint template (as stored by schools) IS your child's permanent identity. It cannot ever be changed. Within ten years, fingerprint scans will be used on passports and to access bank accounts, health services, etc. If your child's biometrics have been compromised by a school system, they will not be able to function fully as a citizen, enjoying the protection of the state. This is a critical risk. There are International standards (M1 or INCITS 398 or NISTIR 6529) to ensure that biometric templates from different manufacturers are compatible - so what's stored on one system can be read by any other, including government systems. Where fingerprint templates are stored in an encrypted form, it is impossible for anyone to guarantee that this won't be broken during a person's entire lifetime. (The military grade state-of-the-art Enigma code used by the German navy during World War Two was cracked in 1941; today it can even be decrypted on a standard home PC.) Schools cannot possibly provide the level of security necessary to protect children's data. A school might not even be aware that children's data had been compromised until it was far too late. For more details, including links to verifiable sources, see http://www.LeaveThemKidsAlone.com/facts.htm

Ok, let's look at some of the "small number of paranoid individuals" They include: Kim Cameron, Microsoft's Identity Architect Dr Sandra Leaton Gray, Director of Studies, Sociology of Education, Homerton College, Cambridge Jon Crowcroft, Marconi Professor of Communications Systems, University of Cambridge Stephen Groesz, a partner with the law firm Bindmans The Austrian Supreme Court The States Of Michigan, Illinios and Iowa (so far, others are likely to follow) The Irish Data Protection Commissioner The Hong Kong Privacy Commissioner Bruce Schneier, a respected US writer and lecturer on issues surrounding security and privacy, who has testified before Congress and authored eight books and dozens of articles and academic papers. Eugene Schultz, Ph.D., CISM, CISSP, CTO of High Tower Software Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc) Paul Squires, Identity Solutions Architect at Enline plc An unnamed Police Fingerprint Officer (15+ years' experience) Damian Green, Tory home affairs spokesman Rt Hon David Davis MP, Conservative Shadow Home Secretary Nick Gibb MP, Conservative Shadow Minister For Schools Baroness Carnegy, Conservative Sarah Teather MP, LibDem Shadow Education Secretary Greg Mulholland MP, Lib Dem Schools spokesperson Baroness Walmsley, LibDem 83 other MPs from all parties who have signed Early Day Motion 686 http://edmi.parliament.uk/EDMi/EDMDetails.aspx?EDMID=32367&SESSION=885 (frontbenchers do not usually sign EDMs) More than 1500 parents who voted last summer in an online poll against kiddyprinting without parental consent. 93% opposed fingerprinting without consent. And the list goes on... Do you still think it's all just "harmless fun"? Just because it's packaged up in a way to make it seem fun for kids and reduce school admin, this doesn't mean it's right. There are very serious issues here. See http://www.LeaveThemKidsAlone.com/risks.htm for a full analysis

But what if the you had the same build and looks of an alleged attacker AND there was a fingerprint or DNA mismatch. A distinct possibility, since neither of these technologies are perfect. Then you could find yourself locked up for a considerable period. As a matter of fact I do have children. Do you? It was an attempt by my daughter's primary school to fingerprint all the children in their care WITHOUT parental permission that first alerted me to this disgraceful practice. With informed parental consent. No problem. Without - I would have a huge issue with this. As a matter of fact I have seen the system in action and working. What difference does that make? A smiley appears on the screen as children are fingerprinted. So what? Some might call that deliberate conditioning. The fact is they are being exposed unnecessarily to a critical risk of identity theft by using these things at schools. These are the experts' views, not mine. Who would you trust? Some unknown manufacturer aiming to make a fast buck, or Microsoft's Identity Architect, possibly the foremost expert on identity on the planet, and a host of other specialists with backgrounds in banking, etc.

Brian Drury is a computer security expert. He says "If a child has never touched a fingerprint scanner, there is zero probability of being incorrectly investigated for a crime. Once a child has touched a scanner he or she will be at the mercy of the matching algorithm for the rest of their lives." http://www.LeaveThemKidsAlone.com/expert.htm#fact_01 The problem is that even with only criminals' fingerprints on file there are mismatches. We might regard this as acceptable as criminals often reoffend, so it's a quick and easy way of eliminating suspects before making further enquiries. But once you start fingerprinting everyone, loads of totally innocent people will find themselves having to account for their movements. We are creating a nation not of free citizens, but of suspects. If I've done nothing wrong, why should I have to prove who I am to the government. It shows a total unreasonable and unjustified lack of trust on their part. And why on earth would they need the fingerprints of a five year old child??? Mr Clever Criminal will go to a lot of trouble to arrange a watertight alibi for himself on the day of the heist. Mr Innocent might simply be at home alone watching TV - but how will he ever prove it?

You might also be interested to see some examples of letters that schools send to parents when they are about to fingerprint children: http://www.leavethemkidsalone.com/betrayed.htm#fact_01 ...and the blog of one parent in Bradford who tried to do something about it: http://www.naseem.co.uk/education/school-fingerprinting-just-a-bit-of-fun/

"Do we know which school is doing this yet ?" You can find a list of schools that are taking children's fingerprints at http://www.LeaveThemKidsAlone.com/schools.htm#fact_01 There are about 400 schools listed there by name, but it is known that at least 5000 schools are doing this across the UK. I notice that Chaucer Secondary School in Wordsworth Avenue, Sheffield is one of those listed.

I have just found a far better account of fingerprint errors: "The Real Crime: 1,000 Errors in Fingerprint Matching Every Year" http://www.livescience.com/othernews/050913_fingerprint_mistakes.html Hope this is helpful. (It is certainly disturbing, in the light of previous posts on this topic).

"examples on a Channel 4 program transmitted last year when the big debate on ID cards was running..." Here are one or two of the most well known cases. There are plenty more. ID cards 'will allow crime fingerprint checks' - Blair goes back on promise http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/02/20/nidcards20.xml Shirley McKie, a former Scottish police officer falsely accused by experts from the Scottish Criminal Record Office (SCRO) of leaving her thumb print on the bathroom door frame of a murder crime-scene - Wikipedia http://en.wikipedia.org/wiki/Shirley_McKie U.S. To Pay $2M For Attorney's False Terror Arrest - CBS News http://www.cbsnews.com/stories/2006/11/29/national/main2216468.shtml Student handed victory after fingerprint mix-up - local news report http://www.blackpooltoday.co.uk/ViewArticle.aspx?SectionID=62&ArticleID=1696937

"if children were fingerprinted and dna taken, then in later life it would be so much easier to pin point the offender eg: rapist." This assumes that: (a) we're all potential suspects, not citizens with rights to privacy (b) this Government, and every future Government is benevolent © they never make mistakes (d) fingerprint / dna matching is 100% reliable, which it isn't (e) the data is held in a way that it can NEVER be compromised by hackers (f) there are no corrupt officials whatsoever All these assumptions are invalid. I can supply details if required.

I just came across this thread and thought it might be helpful to post a few relevant bits. I am a parebt connected with http://www.LeaveThemKidsAlone.com nick2 said "Which school, where ?" in connection with the alleged "game of spies". For the answer, see the London Evening Standard - http://www.thisislondon.co.uk/news/article-23388467-details/Children%20tricked%20into%20giving%20fingerprints...%20by%20headmaster/article.do?expand=true The alleged incident happened in Cumbria in September 2006. A 6 year old child at the school in question came home and complained to his parents who took the matter up with their solicitors. Kim Cameron is Microsoft's Identity Architect. On his blog, he wrote: "People have to be stark, raving mad to use conventional biometrics to improve the efficiency of a children's lunch line." Kim Cameron's blog is at http://www.identityblog.com/?p=743 These school systems record what is called a fingerprint template. It is NOT just a number. The U.S. government's National Science & Technology Council's subcommittee on Biometrics says under certain circumstances a template CAN even be used to reconstruct a fingerprint image. Fingerprint templates are what the police and security services use when looking for a match. And there is an international standard called M1 (or INCITS 398 or NISTIR 6529) which allows for fingerprint templates from different manufacturers to be compatible and interchangeable. Within 5 years fingerprints will be used in passports and banks. This is already being trialled in India. see http://www.expresscomputeronline.com/20070312/technology01.shtml Once this happens here, fingerprint templates will become like a unique unchangeable PIN that we will need to travel, withdraw money, or whenever we need to prove who we are. Banks and passport offices spend millions protecting this kind of data. So it is outrageous that these are being stored on school PCs which could so easily be compromised and the data stolen. For more, see http://www.LeaveThemKidsAlone.com/facts.htm#fact_01 If all this was innocent schools would have no problem getting parents' permission, as with photos and school trips. But they don't. These systems are imposed. Parents are given only a couple of days notice, if they are lucky, before whole schools are fingerprinted. In the USA one school kicked out fingerprinting only this week after parents protested vigorously. It's only a matter of time before the same happens here.