Identity, Privacy and Trust

Feb 4 2008   6:34PM GMT

Biometric travel controls at Heathrow T5

tobystevens tobystevens Profile: tobystevens

Tags:
Biometrics
privacy

BAA is trialling the biometric identification systems that will be used throughout the new Terminal 5, but is this an appropriate solution, and what exactly is the problem?

Late last year I had the opportunity to tour Heathrow’s new Terminal 5. It’s one of the less thrilling airport terminals I’ve visited – my favourite is Chep Lap Kok in Hong Kong (the original Kai Tak was without doubt the most exciting airport to land at, but the terminal experience was, well, pretty terminal). BAA is installing biometric authentication at the customs desks and boarding gates, and is now trialling the system in Terminal 1.

The purpose of the Heathrow solution is not to prove that the traveller is definitely who they say they are; it uses traditional controls to spot dodgy passports. The system is instead intended to bind the traveller to their travel documents between the first security check and the boarding gate (the check-in itself is fully automated, passengers only have human contact at the point they drop their bags off). At the point the passenger presents their passport and ticket, a small camera photographs their face, and they have to provide fingerprints to a scanner. Then, at the boarding gate, the process is repeated to verify that this is the same person that went through security, and that the documents haven’t been swapped.

BAA’s problem is that of transit passengers on dodgy documents exchanging them with accomplices who have legitimate papers. The transit passenger arrives in the UK with no checks, since they don’t clear customs. The accomplice checks in and swaps documents. The transit passenger then goes on to the new destination with a ‘clean’ identity (we never find out what happens to the accomplice – maybe they get left to fester in the airport?) BAA then deletes the biometric images at the end of the day.

To my mind, this seems like a reasonably appropriate solution, so long as the problem is as bad as claimed. After all, biometrics are pretty much the only proven mechanism to bind the document holder to the documents. The real privacy risks arise from function creep (for example, BAA retaining the data to identify repeat passengers) or unauthorised data sharing (for example, the biometric images and document details being harvested by security agencies). The problem is that no matter how well-intended BAA’s reassurances are, they’ll be meaningless if the government demands access to the data. The UK’s track record in this area suggests that it’s probably only a matter of time before that happens. I wonder if we’ll be asked for our consent when it does – and what our travel options will be if we don’t give that consent?

5  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • Joel
    I agree its only a matter of time before the Government demands access to this data. Is this being driven by BAA's attempts to improve efficiency at check in, something passengers would I'm sure approve of, or is it to do with improving security? And while saving time at check in might seem a bonus for passengers, is it a price worth paying if our personal data is being passed onto Government without our consent?
    0 pointsBadges:
    report
  • Andrej
    Usually at an airport the most time for a passenger is lost during the check-in (the first security check) - this still remains. All other checks are comparatively fast - one has to arrive at the airport in advance anyway, so waiting 10 minutes before getting onto the plain does not bother me. I would suggest that BAA is trying to reduce the amount of staff required to service each flight - the automation would allow to have people only at the initial security gate and check-in. This does not seem like a security improvement that would be beneficial for the passengers at all.
    0 pointsBadges:
    report
  • Grant Alan Friedline
    I like the way this airport is using biometrics. Deleting the values at the end of the day is key. That keeps the possible collisions to a minimum. The system doesn't prove who you are, it supports who you are. I like that. That is how biometrics should be used.
    0 pointsBadges:
    report
  • Toby Stevens
    I'm hearing rumours that all is not what it seems with the biometrics at T5, and that this will be back in the news very shortly. Watch this space...
    0 pointsBadges:
    report
  • Biometric scanners
    They're starting this in a few US airports as an experiment and Canada is talking about implementing this for all travelers by 2013 It seems inevitable. Definitely an industry with a lot of potential
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: