It's the same in Belgium, France and I'd bet it's the same in any other European Union countries.
The quote is from a longer paragraph about the use of ID card. We use ID card for that too in the EU as a proxy for identification verification. The author seems to imply is bad per se. Hence my remark.
We also have laws and activists to fight governments willing to associate those IDs with DNA, iris record, health, etc.
But those data have nothing to do with your legal existence and your ability to prove it.
FTR: I hope Kenyans will find a way to resist their government's move to associate such data with their ID.
(The decision that people can't "vote, purchase property, access higher education, obtain employment, access credit, or public health, among other fundamental rights" without ID is a political one, it's not necessarily intrinsically required)
My point is I fail to see how your comment, regardless of its truthfullness, adds value to the discussion.
If there already exist murderers, is it okay for you to become a murderer?
What the article suggests is without proper checks and balances in-place, the new system could easily be used against Kenya people. And I totally agree. But to stop it, we need to find out the root cause of the problem.
Authoritarian governments are a strictly better alternative to the current conditions in many societies. Some form of government is better than completely feudal civil war. Who can today say that Saddam Hussein was worse for Iraq than the current US led mess the country has been into ? More people have died, more children dead, more women raped and more wealth destroyed for US attempts to throw away dictator and put democracy in order.
Ouch. The full identity theft package. Probably worth comparing this with the controversy over Aadhar, the Indian scheme.
Edit: I guess the other meaning is things like getting a duplicate SIM card to defeat 2FA. I'd imagine that's a problem. Can anyone comment whether such information would make this easier?
It would be a bit stupid to base an identification system, like that of a bank or credit card or whatever, on earlobe shape or Iris alone. But in combination with other factors it might be quite secure.
I think Earlobe shape can be used for identification in video footage. Iris scans only if you have a really good camera and a lot of luck. Otherwise it's really hard.
Then again, "trustworthiness" is not exactly a strength of an average African government so far.
Is there such a thing as a trustworthy government?
Imagine promoting a system so prone to abuse that you're really only one election away from an inescapable genocide whose detractors can be silenced perfectly.
After all, racism is rarely fact-based.
But the impression that they know people's race, whether the DNA gathered are used in that determination or not (I vote not, since it's more expensive than a machete), is likely to help the case of whatever regime thinks it up.
Also, my emphasis was more on the detractors can be silenced perfectly bit. You can see the accompanying legislation coming, requiring social media and other communications infrastructure to be authenticated with the state id.
The problems start when you have to use that Id for things like Internet Access etc. and the government starts censoring and actual surveillance.
I don't think people there care about privacy when they are struggling to avoid being robbed and to put a roof over their heads. If these measures can make Government and policing more efficient, than so be it.
It is virtually impossible to derive any health information from that data. It may be possible to estimate a person's ethnic background (which sometimes may be a danger in Africa) within reason. The one certain danger to privacy would be around family relationships, which some people may want to keep hidden.
So they really need to make sure they evaluate and communicate the benefits of this kind of data collection. To me it sounds a bit like some private vendors sold them the kitchen sink...
This is just a bit worse than Aadhaar, the biometric based "unique ID" that's been bulldozed on to people in India. The Aadhaar program ran as an executive mandate (with no legislative backing) for several years, then a poorly drafted law was brought in and passed through subterfuge by the current ruling party (BJP). Aadhaar is based on fingerprints and iris scan, but there are provisions in the backing law to include DNA or other information as and when the authority pleases.
Like this Kenyan ID, India's Aadhaar has no opt-out (the Supreme Court gave a vague ruling last year that children should be able to opt out, but that hasn't been implemented).
It seems like this Kenyan ID uses biometrics directly, which is how Aadhaar also works. If your biometrics are leaked or compromised (I'm highly amused to even write these words), then you cannot revoke the ID or get a new ID. The concept of cancelable biometrics was not considered (Nandan Nilekani, one of the founders of the famous/infamous Indian company Infosys, headed this ID program, and suffice it to say that it's been a disaster in so many ways).
Like Kenya, India still does not have a data privacy law (the one drafted by a government commission has many issues, but will become the law in the future), but the government coerced many people to get Aadhaar through lies, deceitful marketing and causing general panic.
Hundreds of thousands (or even millions, by now) have lost money because of the way Aadhaar was linked to almost everything (bank accounts, phone numbers and many more), and the government's constant coercion and panic creation for people to get it and link it was the opportunity of a lifetime for people to phish, scam and defraud people. The majority of the affected were/are not digitally literate (even many educated people aren't generally digitally literate) and are poorer and/or elderly.
Since Aadhaar was, and is continuing to be, used for government subsidies, the failure of the poorly designed, centralized system in a country with poor network infrastructure and a lot of inherent corruption resulted in many deaths, including starvation deaths of small children, and disabled and/or elderly people.
India is a place where the executive branch of the government can get away with saying that these didn't happen (denial) or that it's collateral damage ("nothing in this world is flawless, so why bother?" is the mindset). The courts won't intervene on their own even for such grave matters.
Over the years, people have pointed out several security flaws in the system, but the authority in charge of Aadhaar, UIDAI, has always been in denial mode (and still is). The reaction of UIDAI has always been to file criminal complaints against those who show the weaknesses, instead of encouraging responsible disclosure or acknowledging the efforts of such people.
Since the Indian judicial system is also very slow (it took more than three years to even start hearing the cases filed by many people against this ID), the government had it quite easy. That's why I keep using the term "bulldozed".
Those who wanted to show the security flaws many a times refrained from doing it themselves because of the repercussions. And that's why the biggest opponent examining and talking about the security issues in the Aadhaar system is a French national who goes by the name Elliot Anderson on Twitter. [1]
Even Troy Hunt pointed out many basic flaws [2], but UIDAI's response was, as usual, denial.
Mozilla, EFF and many others have written about, and against, the Aadhaar program.
I can go on and on, but this would then become a book (see my profile for a little more).
[1]: https://twitter.com/fs0c131y
[2]: https://www.troyhunt.com/is-indias-aadhaar-system-really-hac...
