Israel’s Supreme Court has dismissed a series of petitions that were filed in response to the country’s creation of a national biometrics database. The petitions were filed in 2017, and were dismissed largely because the High Court Justices believe that circumstances have changed to the point that the petitions were no longer relevant.
In that regard, Israel had previously passed a law that made fingerprint registration mandatory for anyone hoping to acquire a 10-year ID. That law was passed alongside a temporary ordinance that gave the state permission to collect that data. However, the state has since backed away from that decision, prompting the Justices to conclude that there is no need for a petition if biometric registration is not required.
The Court did not pass any judgment on the merits of the case, leaving the door open for another petition as Israel’s biometric infrastructure evolves. The petitioners expressed dissatisfaction with that result, arguing that the Court is avoiding an important security question that still needs to be resolved.
“A very cowardly decision by the court,” said Jonathan Klinger, an attorney representing some of the petitioners. “Instead of discussing the harm to privacy, they kick the matter down the road until a significant incident takes place.”
Civil rights advocates filed the initial petition because they believe that a centralized biometric database infringes on people’s privacy, and that it represents a major security risk. A national biometric repository would be an attractive target for cybercriminals, and the consequences could be devastating if the biometric data of Israeli citizens ends up in the hands of terrorists or other hostile parties.
With that in mind, the petitioners suggested that smart IDs would be a safer alternative to a database, since each person’s biometric data could be stored locally on a single card and there would be less information exposed in the event of a breach. They went on to argue that the agency responsible for managing the biometric database has failed to perform a proper risk analysis, and that it has not shared any meaningful data about potential threats to the system.
The Justices, on the other hand, essentially argued that there is no point in having the conversation as long as many Israelis are still using non-biometric ID cards, since there is no way of knowing what kinds of threats will exist in a fully biometric environment. They therefore suggested that the question should be revisited in 2024, which is when Israel is hoping to complete its transition to biometric documentation.
The problem, according to critics, is that the database issue goes well beyond the biometric registration system, and therefore needs to be resolved in a more timely fashion. Israel’s border agency recently came under fire for building and sharing an illegal facial recognition database, and Israeli lawmakers are currently pushing a bill that would give the police broad biometric surveillance powers. Civil rights activists argue that those movements create an urgent need for more meaningful privacy protections.
July 15, 2022 – by Eric Weiss