databases

This page considers biometric databases or collections.

It covers -

• registers - scope and scale of fingerprint, DNA and other biometric databases
• integration or exchange

Australian government data collection and identification registers are discussed in more detail elsewhere on this site.

    registers

Most biometric schemes involve reference databases - collections of 'legitimate' identifiers (in image or other formats) for authentication matching or for screening. Routinisation of data collection means that although some databases are small, for example restricted to people accessing a particular building, others have grown to cover much of the population.

The Australian AFIS database, for example, contains around 2.6 million fingerprint records from individual State and Territory Police Agencies, including what are claimed to be records from all people arrested since 1941 and records from a range of official probity checks (eg police applicants for appointment as a police officer).

In the US the Federal Bureau of Investigation's Integrated Automated Fingerprint Identification System (IAFIS), promoted as the world's the largest biometric database, holds prints of over 47 million subjects in a Criminal Master File (with prints and associated criminal history data being "submitted voluntarily by state, local, and federal law enforcement agencies", several of which contribute from discrete databases). Prints are acquired as a result of an arrest at the city, county, state or federal level; they are not expunged if prosecution does not proceed or the individual is pronounced not guilty.

IAFIS also features 'civil' prints, acquired as part of background checks for "employment, licensing, and other non-criminal justice purposes where authorized by federal and state law and in compliance with appropriate regulations". That checking encompasses everything from the bullet-catchers at the Whitehouse to local dog catchers and health inspectors.

Large-scale DNA databases are more recent - the first national DNA criminal database for example was established in the UK in 1995, almost one hundred years after initial fingerprint databases - but have grown rapidly.

As at 2002 the UK national DNA database held over 1.5 million DNA profiles collected from suspects and convicted criminals. That had grown to over 3.1 million profiles by 2006, including 37% of black UK men, 13% of Asian men and 9% of white men according to advocacy group GeneWatch. Most profiles came from people who have been charged and convicted of crimes, but as of 2005 UK police have the power to take DNA from anyone arrested on suspicion of a recordable offence (ie would involve a custodial sentence), so the current figure of profiles from 113,000 people who had been arrested but not charged will presumably grow.

By 2006 the UK government offered indicative figures about national DNA registration by police agencies -

state UK Austria USA Switzerland Finland Estonia Germany Slovenia Hungary Canada Croatia France Norway Netherlands Belgium Sweden Denmark Spain

Population 59.8m 8.1m 298.4m 7.4m 5.2m 1.5m 82.4m 2m 10.2m 32.3m 4.6m 59.3m 4.5m 16.1m 10.4m 9m 5.5m 40.4m

DNA Register 3.130m 84,379 2.941m 69,019 32,805 7,414 366,249 5,782 28,278 75,138 10,744 119,612 6,745 14,747 4,583 6,115 4,084 2,656

% 5.23 1.04 0.99 0.94 0.63 0.49 0.44 0.29 0.28 0.23 0.23 0.20 0.15 0.09 0.04 0.07 0.07 0.01

New Zealand's national DNA databank, launched in 1996, held a modest 16,000 profiles as at 2003 but was growing at around 25% pa. The FBI Combined DNA Index System (CODIS), dating from 1998, held a mere 600,000 convicted offender profiles but is forms part of that organisation's National DNA Index System enabling city, county, state and federal law enforcement agencies to compare DNA profiles electronically.

    integration or exchange

Concerns about a single, integrated database are misplaced and the exchange of information between dabases that use different biometrics is inhibited by the lack of standardisation discussed earlier in this note.

What we are seeing instead is the transmission of information between 'sister' databases (eg one fingerprint collection to another) - an extension of past practice in faxing or even using the post to disseminate details - and use of electronic gateways.

The so-called Schengen III agreement in Europe in mid-2005 thus provides that officials will for the pursuit of criminal offences have access (via 'contact points') to fingerprint and DNA databases maintained signatory countries, with access to fingerprint data also permitted for prevention of criminal offences. A suspect's identity will typically only be revealed once a formal legal request has been made, following awareness that a match has been made.

Civil liberties advocates have perceptively commented that although large-scale automated data mining across different databases (especially across those in several jurisdictions) may be impeded by technical constraints and administrative or legal protocols, in practice it is quite easy for 'one-off' searching to be done ... simply supply details to each human contact point in a government agency's peers.

There are also concerns about 'leakage' and 'precautionary data collection', with for example concerns about trans-border exchange of passport information (or data about suspected terrorists, paedophiles and other offenders) with that information percolating into other systems in a way that is outside frameworks for accountability and correction.

   next page  (attitudes)