NGO petitions High Court to strike Biometric Database Law
The Digital Rights Movement on Monday petitioned the High Court of Justice to declare the recently passed Biometric Database Law as an unconstitutional violation of the privacy and security of citizens that has “caused great harm to Israeli democracy.”
DRM lawyer Yonatan Klinger said, “From the moment the database went into effect, we all go on to the blacklist of potential suspects. The rule in our democracy until now has been very simple: if you did not break a law, you do not go on the suspects’ list... But from this moment... everyone changes into a suspect... and this must be annulled.”
The Biometric Database Law was passed by a 39-to-29 vote on February 27 after years of controversy and adjustments being made to the legislation to address criticisms.
While DRM praised the changes as mitigating some of the privacy and security violations, it filed the petition, stating that the database itself was still unconstitutional and dangerous, and that biometric smart cards can continue, but with no database.
Until now, to get a “smart” biometric card, a person was required to give the national biometric database access to personal facial recognition and fingerprint data.
Due to changes to the law, those who get smart cards after June 1 can join without having to enter their fingerprints into the database.
The law also includes an option to delete fingerprint data for anyone who already gave their permission to access that data.
Fingerprints for those under the age of 16 will not be included in the database; the police cannot use the database for law enforcement purposes until the Knesset approves related regulations on the issue; and court approval will be needed before fingerprints in the database can be used for law enforcement purposes.
The government’s “cyber chief” will be entrusted with reviewing the database every 18 months, instead of every two years, to see if an alternative to fingerprinting for identification has been developed.
From the start, there has been heated debate about privacy rights and whether a database exposes citizens to new kinds of identity and personal information theft, in an age when cyber hacking seems unstoppable.
Interior Minister Arye Deri previously signaled that he would push to make joining the database – including taking fingerprints and facial recognition pictures – required for all identity cards going forward, but he eventually had to agree on a compromise.
Those objecting will still have their fingerprints and facial-recognition picture taken, but that would only be connected to their smart-card, not placed in the database. And as a penalty of sorts, they would need to renew their ID cards every five years instead of every 10.
Israel has suffered from forged identity cards for years. That eventually led in 2009 to the Knesset authorizing a pilot program of the biometric database as a way to try limiting the number of those false cards.
The new cards linked to the biometric database contained far more personal information, such as the fingerprint data and a facial scan, to make it more difficult to falsify or steal cards, but DRM maintains that adding the database is unconstitutional.