PIAC REPORT: National Identity Cards, Biometrics and the Consumer: Displacing the Personal from the Person

As Canada continues to bolster national security post September 11th, and consumer commerce becomes increasingly jeopardized by identity theft, a National Identity Card scheme has been discussed as a potential solution. However, critics charge that National Identity Cards could turn into “de facto internal passports” which would be required to access almost all government or business services. Additionally, this new Card could lead to serious breaches to personal privacy. First, this report focuses on the security solutions offered by a National Identity Card, in terms of (a) National Security, (b) Identity Theft. Second, the privacy implications of a National Identity Card program will be identified, including a discussion of the effect of The Personal Information Protection and Electronic Documents Act (PIPEDA) in enabling infringement of personal privacy in the context of a National Identity Card scheme.
A National ID Card may likely be an inadequate solution to bolster national security because it fails to achieve the three broad goals set in Canada’s National Security Policy. National Identity Cards would link names with faces, and possibly even with biometric data, but would not, on its own, identify those persons harboring malicious intentions. Additionally, National Identity Cards would likely not help to curb identity theft, as identity theft has many causes. Even those for which a National ID Card might directly apply, there are weaknesses and dangers in its use. This report examines the reasons behind these shortcoming in terms of (1) Easy Credit, (2) Consumer Control of Credit Bureau Files and (3) Function Creep.
A National Identity Card program will also face technological and practical shortcomings. (1) They will be prone to fraud and counterfeit, just like other forms of identification. (2) Specifying who will be issued a Card, and who will not, includes the potential for social exclusion. And, (3) because of serious concerns about its accuracy and reliability, biometric indicators may in fact make National Identity Cards less secure. Given the pitfalls associated with a National Identity Card program, consumers are justified to be concerned about fraud, the implications of misidentification, as well as the cost of implementation.
A National Identity Card will also involve a vast accumulation of consumer information, which is cause for concern from a privacy standpoint. The major privacy implications stem from function creep, the threat posed by use of collected information for purposes other than that for which it was originally collected. Further, protecting the databases holding personal information is not only costly, but difficult to assure. Finally, exceptions under PIPEDA permit information to be exchanged between and within government, as well as between businesses and government for the protection of national security. This report concludes that the use of National Identity Cards, with or without biometrics, in interactions between individuals and the state or commercial entities, in a context of inadequate legal and technological safeguards, would introduce new ways of violating individual privacy and integrity. It would also be unacceptably costly given the expected, poor, results. However, should the Canadian federal government pursue the idea of a National Identity Card, recommendations have been supplied to reduce the risk of harm to consumers and citizens with respect to privacy and civil rights.
Read the full report: