Welcome to FindBiometrics’ digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:
NDAA to Mandate Study of Cyberthreat Info Sharing Between Gov’t, Private Sector Stakeholders
The National Defense Authorization Act will include a provision requiring the National Security Agency (NSA) and the Cybersecurity & Infrastructure Security Agency (CISA) to conduct a study and draft a brief concerning the development of a “cyber threat information collaboration environment program” that would span government and private sector entities. The study will have a deadline of April 30, 2023, and the NSA and CISA will need to brief relevant Armed Services Committees. The NDAA also now includes legislation to revitalize FedRAMP, and is expected to pass through the House and the Senate within the next couple of weeks.
Energy Regulators Explore Cybersecurity Upgrades
The Federal Energy Regulatory Commission (FERC) is considering the implementation of enhanced Critical Infrastructure Protection standards to protect utilities and other parts of energy infrastructure against cyberattacks. FERC Chairman Richard Glick affirmed his organization’s interest in “updating the liability standards” at a recent technical conference co-hosted with the Department of Energy, and pointed to the need for a high baseline cybersecurity standard across various agencies. The Director for Cyber Integration at the MITRE Corporation’s Homeland Security Center, also on hand at the conference, called on the Department of Energy to require a Software Bill of Materials from its software vendors.
Court Reverses BIPA Decision, Rejects Harm Requirement
The Second District Appellate Court of Illinois recently reversed a summary judgment in favor of a defendant in a lawsuit brought under the state’s Biometric Information Privacy Law. The new judgment found that the lower court had misinterpreted certain sections of BIPA, and reaffirmed that companies – in this case, defendant J&M Plating – must have transparent biometric data retention and destruction policies in place. Notably, the Second District Appellate Court also disagreed with the lower court’s determination that the plaintiff had no standing as they had not suffered harm from the breach, ruling that demonstrated harm isn’t required under BIPA – an interpretation that contradicts another recent BIPA ruling in a separate case, against Facebook.
Chennai Police Scan Pedestrian Faces, Seemingly at Random
Police in the Indian city of Chennai are reportedly scanning the faces of random pedestrians on the street at night as part of an effort to use facial recognition for security. Their apparently disorganized and incoherent approach to the project seems emblematic of government authorities’ use of biometrics in the urban center after the reports earlier this year of glitches in biometric readers disrupting the distribution of subsidized food.
Incode Seeks Foothold in Australian ID
Incode is looking to establish itself as a leading identity provider in Australia as the country’s political leaders mull the development of national digital ID and authentication solutions in the wake of this year’s massive data breach against the telecom Optus. The company had appointed a new General Manager for Australia and New Zealand and a new Technical Director for APAC in October. Now, Lazarevic tells the Financial Review that Incode is pursuing accreditation under Australia’s Trusted Digital Identity Framework, and that it’s in talk with 40 prospective clients in the country.
NEC Developing Gateless Access Control System
NEC is working on a gateless biometric access control system for high-throughput applications. As The Yomiuri Shimbun reports, the system will use facial recognition as well as other, as-yet-unspecified biometrics to automatically identify individuals approach a given entrance. It will recognize those who have registered in advance, and immediately flag unrecognized individuals for security personnel. The company is aiming to get the system operational in a real-world deployment in 2024.
Best of Luck, Nick
Liberia’s National Elections Commission is still in talks with Laxton Group about the provision of biometric voter registration technology, despite the recent news of its indefinite postponement of the registration exercise, and a formal challenge of the contract from another bidder, the Waymark Infotech/Mwetana consortium. Commission chair Davidetta Browne Lansanah told representatives of multiple political parties in a recent briefing that a four-member delegation from Laxton, headed by the group’s EMEA arm, Nick Perkins, is currently consulting with Commission technicians about a potential contract for biometric voter registration equipment. It’s something of a gamble for Perkins and his company, whose management surely recognize the diminished credibility of the National Elections Commission after a drawn-out, chaotic, and possibly corrupt bidding process.
December 9, 2022 – by Alex Perala