The debate regarding biometrics and privacy issues continues to rage asopportunities for misuse abound, writes Karlin Lillington

The Republic has just become one of the central locations in Europe where the increasingly bitter battle over the use of biometrics - ways of recognising a person using physical or behavioural characteristics such as iris, fingerprint or voice patterns - will be staged.

With looming European and US deadlines for the incorporation of biometric identifiers into passports, the Dublin-based European Biometrics Forum (EBF) - a broad group comprising industry, academia, governments and privacy advocates, backed by EU and Irish Government funding - hopes to facilitate debate and help establish industry standards and international guidelines in how biometrics should, and should not, be used.

Mr Martin Walsh, chairman of the EBF and head of legal affairs at Irish biometrics firm Daon, is insistent that the group is not an industry lobby.

Along with establishing a centre of excellence in Dublin that can evaluate and demonstrate biometric technologies, the EBF will work towards creating a European "roadmap" for the use of biometrics, he said.

The debate about the use of biometrics can be conveyed by two alternate scenarios. Imagine that you land in a European airport and produce your passport at customs, where it is scanned and, under the watchful eye of the customs official, you place a finger over a small digital scanner.

Your fingerprint matches that encoded in your passport and in seconds you are cleared and waved through. But the fact that you have passed across the border on this date, at this time, immediately goes to a large database, from which it is forwarded onwards to other national and international databases.

There, it can be collated with years of detail about all the flights you have ever taken, phone calls made, years in which you voted, your financial history, the books you have checked out from the library, all the groceries you have ever purchased at the local supermarket, your traffic tickets, your mortgage details. Your life is under scrutiny for correlations that might signal you are a criminal or terrorist. Or a good person for hundreds of eager companies to market a highly targeted range of services to.

Then, an alternative scenario. You land in a European airport and, waving your passport in front of one scanner and placing your finger against another, have your identification quickly verified. In moments, you are through, saving considerable time. Meanwhile, your details are verified and, although your border crossing is noted for records, the data is immediately encoded or destroyed so that it cannot be reused in other databases.

According to Mr Gérald Santucci, who responsible for e-government applications relating to administrations at the European Commission, the point of introducing biometrics in Europe is "to provide enhanced security and privacy for our citizens".

Biometrics is an opportunity for Europe in research and development and influencing and shaping global policy, said Mr Santucci, speaking at a conference on Monday launching the EBF.

The latter also points to the Irish Government's agenda, according to Minister for Communications, Mr Ahern, who opened the conference.

But, as Mr Santucci noted, citizens have consistently expressed unease about how biometrics might be used for general information gathering.

"We must recognise the concern about government access to personal data," he said. "We must make sure these technologies do not undermine the freedoms they're supposed to protect."

That was the theme of keynote speaker Ms Ann Cavoukian, information and privacy commissioner for Ontario, Canada. "Biometrics and privacy: put them together and they can either be explosive or extremely beneficial," she said.

A recognised expert and author on the subject of technology and privacy, she argues - somewhat controversially for many privacy advocates - that technology such as biometrics "can be a great friend of privacy".

The advent of the Web in the early 1990s has meant that huge amounts of information can be gleaned from individuals, stored, collated, bought and sold, she said. Only technology could help shield the information that technology also made easily available, she argued.

But many technologists don't consider how they might build privacy protections into technologies because such issues often aren't discussed at the research or industrial level, she noted. She is especially interested in using biometrics to encrypt (digitally encode) personal information in such a way that it cannot be passed in any meaningful way to other databases.

Much of the push for requiring technology-driven forms of identification comes from the US government, as a reaction to the events of September 11th, 2001.

Dr W. Russell Neuman, from the Office of Science and Technology in the White House, noted the acceleration of deadlines for using biometrics in the US, in passports and other forms of identification.

Discussion about policy and technologies are still "in flux", he said, adding that he felt the EBF could provide helpful input to discussions. But he also admitted that "public perception" and "social and political implications" of the use of biometrics was "perhaps the least studied area so far".

Yet, even as national governments rush towards implementing biometrics, the feasibility and accuracy of the technologies, and the ability of countries to meet these deadlines, is also in question.

Dr Neuman noted that only Australia and the Netherlands seemed able to meet the first international deadlines for bringing in some use of biometrics.

Industry analyst Mr Anthony Allan, from consultancy group Gartner, said the technologies were still problematical and only "effective in small-scale deployments".

For example, technologies such as facial and finger scans produce too many false results - wrongly approving or rejecting identity matches.

In addition, many of the controls proposed for using biometrics in airports wouldn't have prevented the events of September 11th, he said - the terrorists were all legitimate travellers with properly booked tickets, were not under suspicion and were not trying to impersonate airport personal.

Overall, with biometrics Gartner "feels these schemes are not feasible on a large scale for another four years and that's only if the problems are overcome", he concluded.

If that is the case, the EBF will have its work cut out for it.