In all of my blogs about biometrics, I address an ongoing concern that the use of biometrics as an "identity document" or in personal identification is being deployed without further research and analysis on the potential magnitude of its implications. I find this topic very interesting in addition to the privacy issues surrounding databases. Therefore, I continued researching and reading articles about the subject of biometrics implementation as a more efficient security measure. I weighed the pros and cons of what I discovered before finding a document in which a public policy forum on biometrics was held. I am sure this is not likely to be the first or the last time a group convenes to determine the best approach to defining an appropriate policy for implementing biometric systems for various identity verification applications. I thought, "Whew! Finally, a collective, diverse group of intellectual individuals have taken measures in the interest of biometrics implications seriously enough to intiate the development of a suitable public policy." It is obvious that we will not be able to avoid every potential problem that comes with the use of biometrics, but how we may be able to minimize the impacts if we seek to find sources to the problem instead of waiting to treat symptoms.
I like the seeking the cure before the disease or at least analyzing and researching the issue to discover the source of problems. It is an approach that is taken in Project Quality Management and in healthcare as a natural, approach called homeopathy. If we can get to source of the disease or problem, we can prevent it instead of treating the symptoms which perpetuates the existence of the disease or problem. The public forum discussions on biometrics seem to be focused on taking the holistic approach as they sought diverse perspectives for meeting the challenges of biometrics in advance. In the article, a list of major concerns and recommendations have been proposed. I summarized them as the following:
1. Concern for the potential abuse of biometric systems
2. Using "biometrics in an immigration and citizenship context could create
we-versus-them mentality."
3. Trading off security with privacy concerns
4. Implementation of biometrics without establishing an identity policy
5. Failure to perform a proper assessment of biometric implications
6. Concern that "technology will drive policy if we don't ensure that policy
imperatives are driving the development of technology."
7. Addressing the need for "a business case for using biometric applications in
identity documentation, including a national identity card."
8. Concern for that the "perceived dichotomy between security and privacy is false."
9. "Use of biometrics in identity documentation presents genuine issues that merit
serious public discussion."
10. Monitoring and controlling quality and performance of such systems
Reference Article or Link:
http://www.cic.gc.ca/english/pdf/pub/biometrics.pdf
Wednesday, April 2, 2008
Enhanced Driver Licenses In Washington, Does This Arouse Suspicions For Anyone?
Reference Article or Link:
http://www.dmv.org/news-alerts/enhanced-driver-license.php
"Why Enhance the Driver License?
In a continued effort to develop alternative forms of identification compliant with the Western Hemisphere Travel Initiative, the Department of Homeland Security came up with the idea for these voluntary licenses and ID cards. The hope is that the EDL/ID―which denotes identity and citizenship―will make travel across land and sea ports of entry much more convenient.
Benefits of the EDL/ID
Using Radio Frequency Identification Tags (RFIT) and other measures that make forgery more difficult, EDL/IDs are encoded with the proper information to replace passports at border crossings. Furthermore, the EDL is less expensive and easier to tote around than a traditional passport. Washington Governor Chris Gregoire described EDLs as "a way to boost security at our border without hampering trade and tourism." If all goes as planned in Washington, we just might see these alternative forms of identification across all states.
Part of the Intelligence Reform and Terrorism Prevention Act of 2004, the The Western Hemisphere Travel Initiative requires travelers to carry passports when crossing the borders into Canada and Mexico (as well as Bermuda and the Caribbean). EDLs would take the place of a passport for U.S. citizens crossing at these land and sea ports of entry, but not for international air travel. This represents a savings to consumers, with passports costing $97 and EDLs $45 (DMV-Washington 1998-2008)."
I read this piece after I searched for more information on the Department of Motor Vehicles in Washington, D.C. I was just looking for information about traffic light cameras and tickets for traffic violations via mail for my blog due to my experience regarding the topic. After reading it,I recalled all of the information in Database Nation and articles and my blogs on the use of biometrics with respect to our national security. I began to think "Uh-oh. It's happening. They are deploying these systems in spite of further research and analysis of their implications on accurate personal identification."
Then, I thought perhaps the Enhanced Driver License despite an effort to protect our national security is just another way to track our traveling habits. I became suspicious of what might actually be done with the information. If our spending and driving behaviors are already being tracked by collecting data from credit and discount shopping cards and smart tags, then this is just another way for them to find out even more about us. Could this type of license be used as a GPS enabled tracking device? Or could it be another way for the DMV to collect information about our travelling habits and then sell them to third parties who then inundate us with travel promotions and credit card solicitations with frequent flyer programs?
Beyond the collection of travel data, I worry that the issues surrounding biometrics will become more abundant with the issuance of such a license. This could defintely lead to big business for identification card counterfeiters, which in turn magnifies the problem of identity theft. We will have to worry about malicious individuals seeking and gaining employment at organizations or agencies that maintain biometric data for their own personal gain. What about data collected that may be used to inaccurately accuse someone of a crime simply because they were at the wrong place at the wrong time? I think that we are asking for trouble here despite all of the potential benefits. The deployment of Enhanced Driver's Licenses as a more efficient passport seems to be in effect already, which means I will stay alerted to the good and potential bad this program may cause. Who knows? Maybe it will be successful; there will be no mistaken identities; and the worst we will endure is an increase in junk mail.
http://www.dmv.org/news-alerts/enhanced-driver-license.php
"Why Enhance the Driver License?
In a continued effort to develop alternative forms of identification compliant with the Western Hemisphere Travel Initiative, the Department of Homeland Security came up with the idea for these voluntary licenses and ID cards. The hope is that the EDL/ID―which denotes identity and citizenship―will make travel across land and sea ports of entry much more convenient.
Benefits of the EDL/ID
Using Radio Frequency Identification Tags (RFIT) and other measures that make forgery more difficult, EDL/IDs are encoded with the proper information to replace passports at border crossings. Furthermore, the EDL is less expensive and easier to tote around than a traditional passport. Washington Governor Chris Gregoire described EDLs as "a way to boost security at our border without hampering trade and tourism." If all goes as planned in Washington, we just might see these alternative forms of identification across all states.
Part of the Intelligence Reform and Terrorism Prevention Act of 2004, the The Western Hemisphere Travel Initiative requires travelers to carry passports when crossing the borders into Canada and Mexico (as well as Bermuda and the Caribbean). EDLs would take the place of a passport for U.S. citizens crossing at these land and sea ports of entry, but not for international air travel. This represents a savings to consumers, with passports costing $97 and EDLs $45 (DMV-Washington 1998-2008)."
I read this piece after I searched for more information on the Department of Motor Vehicles in Washington, D.C. I was just looking for information about traffic light cameras and tickets for traffic violations via mail for my blog due to my experience regarding the topic. After reading it,I recalled all of the information in Database Nation and articles and my blogs on the use of biometrics with respect to our national security. I began to think "Uh-oh. It's happening. They are deploying these systems in spite of further research and analysis of their implications on accurate personal identification."
Then, I thought perhaps the Enhanced Driver License despite an effort to protect our national security is just another way to track our traveling habits. I became suspicious of what might actually be done with the information. If our spending and driving behaviors are already being tracked by collecting data from credit and discount shopping cards and smart tags, then this is just another way for them to find out even more about us. Could this type of license be used as a GPS enabled tracking device? Or could it be another way for the DMV to collect information about our travelling habits and then sell them to third parties who then inundate us with travel promotions and credit card solicitations with frequent flyer programs?
Beyond the collection of travel data, I worry that the issues surrounding biometrics will become more abundant with the issuance of such a license. This could defintely lead to big business for identification card counterfeiters, which in turn magnifies the problem of identity theft. We will have to worry about malicious individuals seeking and gaining employment at organizations or agencies that maintain biometric data for their own personal gain. What about data collected that may be used to inaccurately accuse someone of a crime simply because they were at the wrong place at the wrong time? I think that we are asking for trouble here despite all of the potential benefits. The deployment of Enhanced Driver's Licenses as a more efficient passport seems to be in effect already, which means I will stay alerted to the good and potential bad this program may cause. Who knows? Maybe it will be successful; there will be no mistaken identities; and the worst we will endure is an increase in junk mail.
Who's Watching You?
About 2 years ago, I went to our mailbox to retrieve our mail and discovered a letter from the Washington D.C. Department of Motor Vehicles. I thought "Okay, this is kind of odd. We have never lived in D.C. so this must be some kind of solicitation of support or some error." The letter was addressed to my husband, a person who never reads mail because he has delgated that job to me, his personal secretary. So, I opened the letter and to my surprise there is a partial picture of the back of his truck fit into the outline of a triangle. There was his license plate and smaller, bits of image of the street and traffic signs where he had been driving. As I scanned the rest of the letter, I discovered the time in which the picture had been taken and the speed at which my husband had been driving. There was a notice in bold type indicating that my husband had been caught speeding on camera and instructions for payment such a traffic violation was also included. "Wow! I can not believe this!", were the first words I uttered.
Now, we were already aware of cameras being installed at traffic lights to monitor traffic violations, catch the offenders, and of course generate more revenue for those states or districts that had deployed them. Yet, it was still shocking to have it happen to us because no one else we knew, despite being aware of their frequent offenses, had ever been sent a ticket in the mail for a traffic violation. At that very moment, we began to take it very seriously that not only were our driving habits being monitored, but that all of our daily activities were also under surveilence.
When my husband and I began discussing the details of the ticket, he recalled just where he was heading that day and what he was doing at the light. Yet, he was never aware that his quick trips to get lunch, gas, or gum from a convenience store might actually be monitored. We begin to explore all of the possibilities for problems this could cause anyone who is being watched whether they are on their best behavior or not.
We imagined what this could mean for someone who might be driving the company car and just happened to get caught speeding. This information gets sent to the employer in the form of a ticket. Now, before the cameras and this type of information sharing among agency databases it might have been something that an employee could have handled discreetly while maintaining what appeared to be a good driving record on the surface---at least that is until the employer updated the data it stored on its drivers via regular DMV background searches. All of a sudden it becomes more than just a traffic violation that the employee has to worry about, but perhaps conditions of continued employment or reprimands on the job. If that is not enough, consider the possibilities of an area caused by two cars travelling a little closely and while passing through a light one is speeding and one may not be speeding. Is it not likely that a picture could be taken of the second car, a traffic violation could be recorded, and then a speeding ticket gets sent to the wrong person? There have been instances where multiple cars are pulled over for speeding simultaneously because they were travelling within in enough range of radar guns to be considered a traffic violator. I am sure that there are likely statistics to support the accuracy of radar guns in catching speeding violations, but the margin for error can not be discarded. A similar margin of error must be taken into account with the use of traffic light cameras. There is always a chance that cameras malfunction or delay and can capture the wrong data that then gets feed into a system where that information is shared among agencies who can make critical decisions about individuals. In this case, the decisions seem to be automated somewhat, but I could be wrong. What are the implications for deploying systems like this despite potential for inaccuracy?
We believe that the magnitude of implications of these surveilance systems is beyond what we could ever imagine because there are too many factors that are not being taken into account. Similar to all other collection of data stored in these systems, the potential for abuse by malicious individuals privy to that data within the organization that maintain this data is of great concern. You never know who is watching you, what information that is being kept about you, and just how that information can be used against you. Thus, we keep this in the forefront of our minds most of the time, but have to be careful not to get too comfortable with the cameras like the individuals on reality t.v. shows.
Now, we were already aware of cameras being installed at traffic lights to monitor traffic violations, catch the offenders, and of course generate more revenue for those states or districts that had deployed them. Yet, it was still shocking to have it happen to us because no one else we knew, despite being aware of their frequent offenses, had ever been sent a ticket in the mail for a traffic violation. At that very moment, we began to take it very seriously that not only were our driving habits being monitored, but that all of our daily activities were also under surveilence.
When my husband and I began discussing the details of the ticket, he recalled just where he was heading that day and what he was doing at the light. Yet, he was never aware that his quick trips to get lunch, gas, or gum from a convenience store might actually be monitored. We begin to explore all of the possibilities for problems this could cause anyone who is being watched whether they are on their best behavior or not.
We imagined what this could mean for someone who might be driving the company car and just happened to get caught speeding. This information gets sent to the employer in the form of a ticket. Now, before the cameras and this type of information sharing among agency databases it might have been something that an employee could have handled discreetly while maintaining what appeared to be a good driving record on the surface---at least that is until the employer updated the data it stored on its drivers via regular DMV background searches. All of a sudden it becomes more than just a traffic violation that the employee has to worry about, but perhaps conditions of continued employment or reprimands on the job. If that is not enough, consider the possibilities of an area caused by two cars travelling a little closely and while passing through a light one is speeding and one may not be speeding. Is it not likely that a picture could be taken of the second car, a traffic violation could be recorded, and then a speeding ticket gets sent to the wrong person? There have been instances where multiple cars are pulled over for speeding simultaneously because they were travelling within in enough range of radar guns to be considered a traffic violator. I am sure that there are likely statistics to support the accuracy of radar guns in catching speeding violations, but the margin for error can not be discarded. A similar margin of error must be taken into account with the use of traffic light cameras. There is always a chance that cameras malfunction or delay and can capture the wrong data that then gets feed into a system where that information is shared among agencies who can make critical decisions about individuals. In this case, the decisions seem to be automated somewhat, but I could be wrong. What are the implications for deploying systems like this despite potential for inaccuracy?
We believe that the magnitude of implications of these surveilance systems is beyond what we could ever imagine because there are too many factors that are not being taken into account. Similar to all other collection of data stored in these systems, the potential for abuse by malicious individuals privy to that data within the organization that maintain this data is of great concern. You never know who is watching you, what information that is being kept about you, and just how that information can be used against you. Thus, we keep this in the forefront of our minds most of the time, but have to be careful not to get too comfortable with the cameras like the individuals on reality t.v. shows.
Medical Databases Offer No Data Protection Can This Be Serious?
I have browsed through another chapter in Garfinkel's Database Nation and am growing more paranoid and concerned each day, well at least while reading anyway. There was a section in the Chapter 6: To Know Your Future that discusses how medical databases are maintained with information about our medical records that could be used for other purposes. I was not aware that there are no laws that protect the safeguarding of our medical records. Literally, anyone in a doctor's office could maliciously use the contents of our records to commit identity theft or leak out information to outsiders without reasonably being punished. Well, that stinks!
Prior to reading this book, I always felt like it was not necessary to include my Social Security Number on medical forms for each doctor or hospital visit. It just seems odd to have to keep sharing something that is considered the current unique identifier that links so much information to me. When I think of how many doctors who I no longer see (e.g. specialists, unfavorable doctors, and doctors left behind during a move), then I wonder what could actually be done with my information.
I worry that because I am no longer a current patient that some individual privy to my personal data will discount my very existence because they do not have to see my face again or believe that old patients quates to old data that is not important.
It is overwhelming to think that someone can simply disrupt your life by going into your past to reveal some medical secret for which you thought was between you and your doctor and not be prosecuted to the fullest extent of the law. This chapter and section reveals why it is so important for the laws to catch up with technology. I am always hearing about how technology law is becoming more important to that particular industry.
Still, I wonder if we will ever catchup or slow down long enough to assess the potential sources of problems that medical records databases among an infinite number of other types of databases present before we start thinking about treating their symptoms. I wonder what it will take. Perhaps, regulation will increase when information regarding a significant government official surfaces---of course if that happens then it may be an internal leak in a grander scheme of things, but that's another topic.
Prior to reading this book, I always felt like it was not necessary to include my Social Security Number on medical forms for each doctor or hospital visit. It just seems odd to have to keep sharing something that is considered the current unique identifier that links so much information to me. When I think of how many doctors who I no longer see (e.g. specialists, unfavorable doctors, and doctors left behind during a move), then I wonder what could actually be done with my information.
I worry that because I am no longer a current patient that some individual privy to my personal data will discount my very existence because they do not have to see my face again or believe that old patients quates to old data that is not important.
It is overwhelming to think that someone can simply disrupt your life by going into your past to reveal some medical secret for which you thought was between you and your doctor and not be prosecuted to the fullest extent of the law. This chapter and section reveals why it is so important for the laws to catch up with technology. I am always hearing about how technology law is becoming more important to that particular industry.
Still, I wonder if we will ever catchup or slow down long enough to assess the potential sources of problems that medical records databases among an infinite number of other types of databases present before we start thinking about treating their symptoms. I wonder what it will take. Perhaps, regulation will increase when information regarding a significant government official surfaces---of course if that happens then it may be an internal leak in a grander scheme of things, but that's another topic.
Biometrics: "The Silver Bullet For Terrorism?"
Since 9/11 and the war in Iraq, we as a nation have been growing increasingly concerned about how to prevent terrorists attacks. I have seen documentaries and other things in the media that lead us to believe that we may be a little closer to finding as solution. Already, we have begun to make traveling by plane a major undertaking and an oftentime tedious, risky process. I feel that it is often risky because we do not know the full scope of what will be deemed as a threat on a plane. I heard about people being detained or delayed simply for having a toe nail clip or a finger nail file in their carry-on bags. Perfumes (if not already prohibited) might even be seen as a threat if there is no way of really knowing the true contents of their containers. I have watched on the news and read in papers so much about the need to arrive very early to go through the security screening processes in enough time to make your flight. The worst case scenario I recently read about was one where passengers were prohibited from getting off the plane while it had been grounded longer than 2 hours just as a security measure. All of these hassles we must go through in an effort for the powers that be to try to sniff out potential terrorists or other threats.
The list of stories and bad experiences go and on, but from what I have seen, heard, or read so far, these incidences are rarely magnified because of these security screening processes are base upon promoting and maintaining national security. If a few feathers get ruffled in the process of achieving this broad based goal, then we have to see it as utilitarianism at best---the greatest good for the greatest number.
Some argue that there needs to be a modification to this process---an easier way to weed out the potential problems or threats to our national security. There is already so much technology being directed toward this effort and specialized training is continuously being provided to the essential personnel yet that is not enough.
Proponents for the increased use of technologic security measures would like to see biometric systems implemented to more accurately identify those who may or may not pose a threat to our national security(EFF Sep 2003). It seems that whatever systems are already being implemented must be deemed so much more inefficient perhaps due to their lack of ability to use unique identifiers to discriminate terrorists from ordinary citizens. Thus biometric-based security systems would resolve this inefficiency via a more accurate means for catching terrorists because they can use unique identifiers via human "bio" samples to spot these type of criminals during a simple scan (EFF 2003).
The belief is that biometrics (e.g. fingerprint) could pin point the correct person seeking to execute some harmful act in a less imperfect manner. If we would simply deploy this type of technology on a broad basis as the most appropriate security protocol, then we could ultimately rely on all other, less efficient methods a whole lot less.
The Electronic Frontier Foundation (EFF) is concerned that we are being duped into beleiving that this is best alternative, the end-all, be-all, cure-all by the marketing efforts of proponents for biometrics use (EFF Sep 2003). This group worries that this ideal of a "silver bullet (EFF Sep 2003)" mentality is diminishing the unspoken side effects of its use and what we know to be fact That fact is that database consistency is not guranteed because when managed by individuals it is likely to be error-prone or at risk for manipulation.
We can not escape errors eternally. Biometrics are not only limited by human error, but also by the hardware and other physical storage systems that will house them (e.g. failed and or outdated systems). What will happen if biometric data has to be continually transferred between systems for either system upgrades or information sharing? The potential for inconsistent retrieval of data and lost updates among many things are issues that need to be considered among a whole host of others.
The list of potential issues that are a major concern for the EFF and citizens who oppose the deployment of biometric systems on the national level will likely grow. We can expect no overnight eradication of terrorism via some magic pill or "silver bullet (EFF Sep 2003)." What we must have to do is weigh the issues and do more research before we adopt and implement biometrics on the enterprise level.
I agree with the EFF regarding taken a minimalist approach until we know more about the overall impacts of biometric systems. We should approach the use of all technology that will involve the storage and access of individuals bio-data and other personal data to make critical business decisions with caution even we become share the belief with EFF that biometrics may enhance the current technological security infrastructures thus they should be deployed in parallel to established systems.
We have to remember that the nature of decisions to be made based upon the information in these type of database systems is critical not only to the businesses that implement such systems, but also to the lives of the citizens who may suffer the greatest impact if something were to go wrong.
Reference Article or Link:
http://www.eff.org/wp/biometrics-whos-watching-you
The list of stories and bad experiences go and on, but from what I have seen, heard, or read so far, these incidences are rarely magnified because of these security screening processes are base upon promoting and maintaining national security. If a few feathers get ruffled in the process of achieving this broad based goal, then we have to see it as utilitarianism at best---the greatest good for the greatest number.
Some argue that there needs to be a modification to this process---an easier way to weed out the potential problems or threats to our national security. There is already so much technology being directed toward this effort and specialized training is continuously being provided to the essential personnel yet that is not enough.
Proponents for the increased use of technologic security measures would like to see biometric systems implemented to more accurately identify those who may or may not pose a threat to our national security(EFF Sep 2003). It seems that whatever systems are already being implemented must be deemed so much more inefficient perhaps due to their lack of ability to use unique identifiers to discriminate terrorists from ordinary citizens. Thus biometric-based security systems would resolve this inefficiency via a more accurate means for catching terrorists because they can use unique identifiers via human "bio" samples to spot these type of criminals during a simple scan (EFF 2003).
The belief is that biometrics (e.g. fingerprint) could pin point the correct person seeking to execute some harmful act in a less imperfect manner. If we would simply deploy this type of technology on a broad basis as the most appropriate security protocol, then we could ultimately rely on all other, less efficient methods a whole lot less.
The Electronic Frontier Foundation (EFF) is concerned that we are being duped into beleiving that this is best alternative, the end-all, be-all, cure-all by the marketing efforts of proponents for biometrics use (EFF Sep 2003). This group worries that this ideal of a "silver bullet (EFF Sep 2003)" mentality is diminishing the unspoken side effects of its use and what we know to be fact That fact is that database consistency is not guranteed because when managed by individuals it is likely to be error-prone or at risk for manipulation.
We can not escape errors eternally. Biometrics are not only limited by human error, but also by the hardware and other physical storage systems that will house them (e.g. failed and or outdated systems). What will happen if biometric data has to be continually transferred between systems for either system upgrades or information sharing? The potential for inconsistent retrieval of data and lost updates among many things are issues that need to be considered among a whole host of others.
The list of potential issues that are a major concern for the EFF and citizens who oppose the deployment of biometric systems on the national level will likely grow. We can expect no overnight eradication of terrorism via some magic pill or "silver bullet (EFF Sep 2003)." What we must have to do is weigh the issues and do more research before we adopt and implement biometrics on the enterprise level.
I agree with the EFF regarding taken a minimalist approach until we know more about the overall impacts of biometric systems. We should approach the use of all technology that will involve the storage and access of individuals bio-data and other personal data to make critical business decisions with caution even we become share the belief with EFF that biometrics may enhance the current technological security infrastructures thus they should be deployed in parallel to established systems.
We have to remember that the nature of decisions to be made based upon the information in these type of database systems is critical not only to the businesses that implement such systems, but also to the lives of the citizens who may suffer the greatest impact if something were to go wrong.
Reference Article or Link:
http://www.eff.org/wp/biometrics-whos-watching-you
Tuesday, April 1, 2008
What Are Data Warehouses? Looking Beyond The Obvious Definition
During my research on relational databases and database privacy issues, I kept getting search results for data warehouses and business intelligence. When I searched for the term, some searches gave me more technical information than I could digest. I used other resources to get a basic but official definition, but prior to that I just imagined that this was a SAT exam. Thus, I chose to use context clues in the abstract search results and my basic eye-balling of the word. Normally, I would call upon skills I acquired from some Latin in highschool to decompose the words, but I mean it seemed simple enough. So, I gather that it is basically information inventory (data) that is physically stored in a virtual warehouse. Although this inventory of data may be physically stored on computers and their harddrives, these physical storage systems are mobile unlike a physical warehouse of more tangible inventory. Data inventory in the sense of relocating an entire warehouse is more feasible via data transmission technologies than the transmission of tangible goods traditionally stored in warehouses. It sounds simple enough although some what contradictory.
Now, the following is the official definition that I got from Wikipedia, which seemed reasonable enough to prevent an instant headache.
Data Warehouses:
"A 'data warehouse' is a repository of an organization's electronically stored data. Data warehouses are designed to facilitate reporting and analysis. [1]
This classic definition of the data warehouse focuses on data storage. However, the means to retrieve and analyze data, to extract, transform and load data, and to manage dictionary data are also considered essential components of a data warehousing system. Many references to data warehousing use this broader context. An expanded definition for data warehousing includes tools for business intelligence, tools to extract, transform, and load data into the repository, and tools to manage and retrieve metadata (Wikipedia.com 02-Apr-08)."
After reading a simplified, but official definition then I realized the limitations of my definition of data warehouses. I discovered the limitations of my data warehouse definition rested with the purpose and implementation of data warehouses. I found an article called "The Case for Data Warehousing (Greenfield 1)" that helped me to understand what data warehouses are and why they are implemented.
What I gained from this article was that data warehouses can be massive storage for data about data or metadata in terms of storing data definitions in a database that represents a model for how data is to be used. They are stored separately from the operating system files so that data retrieval is faster.
During my research on relational databases and database privacy issues, I kept getting search results for data warehouses and business intelligence. When I searched a for the term, some searches gave me more technical information than I could digest. I used other resources to get a basic but official definition, but prior to that I just imagined that if this was a SAT exam. Thus, I chose to use context clues in the abstract search results and my basic eye-balling of the word. Normally, I would call upon skills I acquired from taking two years of Latin in highschool to decompose the words, but I mean it seemed simple enough. So, I gather is basically information inventory (data) that is physically stored in a virtual warehouse. Although this inventory of data may be phsically stored on computers and their harddrives, these physical storage systems are mobile unlike a physical warehouse of more tangible inventory. Data inventory in the sense of relocating an entire warehouse is more feasible via data transmission technologies than the transmission of tangible goods traditionally stored in warehouses. It sounds simple enough although some what contradictory.
Now, the following is the official definition that I got from Wikipedia, which seemed reasonable enough to prevent an instant headache.
Data Warehouses:
"A 'data warehouse' is a repository of an organization's electronically stored data. Data warehouses are designed to facilitate reporting and analysis. [1]
This classic definition of the data warehouse focuses on data storage. However, the means to retrieve and analyze data, to extract, transform and load data, and to manage dictionary data are also considered essential components of a data warehousing system. Many references to data warehousing use this broader context. An expanded definition for data warehousing includes tools for business intelligence, tools to extract, transform, and load data into the repository, and tools to manage and retrieve metadata (Wikipedia.com 02-Apr-08)."
After reading a simplified, but official definition then I realize the limitations of my definition of data warehouses. I discovered the limitations of my data warehouse definition were founded upon the purpose and implementation of data warehouses. I found an article called "The Case for Data Warehousing (Greenfield 1)" that helped me to understand what data warehouses are and why they are implemented.
What I gained from this article was that data warehouses can be massive storage for data about data or metadata in terms of storing data definitions in a database that represents a model for how data is to be used. They are stored separately from the operating system files so that data retrieval is faster. Basically, when companies decide to implement data warehouses they do so in hopes of improving the integrity, accuracy, and consistency of data and minimizing time required for processing database transactions. Overall, it is about database optimization.
Most companies who decide to implement a data warehouse do so to optimize the overall performance of their business by optimizing the management of data critical to their business or what mostly considered as business intelligence. The case for data warehouses can have serious implications on business if not executed successfully I gathered from the article, but mostly when I think about data modeling. I recall just how important that task was when I had perform it for information systems analysis and design. Each piece of data coming in and going out has to be processed, stored, and managed properly or the system of processes are virtually inefficient.
Still, I remain limited in my overall knowledge of subject. Therefore, I will simply say that I get the jist of what data warehouses are and their significance to business. I think that I may also have some good examples of data warehouses, but have no idea of how well they are being optimized. Perhaps, I can research two very popular ones (e.g. Social Security Administration and Credit Bureaus) to see what I can discover about how the data is being managed to create business intelligence.
Referencing Article:
http://www.dwinfocenter.org/casefor.html
Now, the following is the official definition that I got from Wikipedia, which seemed reasonable enough to prevent an instant headache.
Data Warehouses:
"A 'data warehouse' is a repository of an organization's electronically stored data. Data warehouses are designed to facilitate reporting and analysis. [1]
This classic definition of the data warehouse focuses on data storage. However, the means to retrieve and analyze data, to extract, transform and load data, and to manage dictionary data are also considered essential components of a data warehousing system. Many references to data warehousing use this broader context. An expanded definition for data warehousing includes tools for business intelligence, tools to extract, transform, and load data into the repository, and tools to manage and retrieve metadata (Wikipedia.com 02-Apr-08)."
After reading a simplified, but official definition then I realized the limitations of my definition of data warehouses. I discovered the limitations of my data warehouse definition rested with the purpose and implementation of data warehouses. I found an article called "The Case for Data Warehousing (Greenfield 1)" that helped me to understand what data warehouses are and why they are implemented.
What I gained from this article was that data warehouses can be massive storage for data about data or metadata in terms of storing data definitions in a database that represents a model for how data is to be used. They are stored separately from the operating system files so that data retrieval is faster.
During my research on relational databases and database privacy issues, I kept getting search results for data warehouses and business intelligence. When I searched a for the term, some searches gave me more technical information than I could digest. I used other resources to get a basic but official definition, but prior to that I just imagined that if this was a SAT exam. Thus, I chose to use context clues in the abstract search results and my basic eye-balling of the word. Normally, I would call upon skills I acquired from taking two years of Latin in highschool to decompose the words, but I mean it seemed simple enough. So, I gather is basically information inventory (data) that is physically stored in a virtual warehouse. Although this inventory of data may be phsically stored on computers and their harddrives, these physical storage systems are mobile unlike a physical warehouse of more tangible inventory. Data inventory in the sense of relocating an entire warehouse is more feasible via data transmission technologies than the transmission of tangible goods traditionally stored in warehouses. It sounds simple enough although some what contradictory.
Now, the following is the official definition that I got from Wikipedia, which seemed reasonable enough to prevent an instant headache.
Data Warehouses:
"A 'data warehouse' is a repository of an organization's electronically stored data. Data warehouses are designed to facilitate reporting and analysis. [1]
This classic definition of the data warehouse focuses on data storage. However, the means to retrieve and analyze data, to extract, transform and load data, and to manage dictionary data are also considered essential components of a data warehousing system. Many references to data warehousing use this broader context. An expanded definition for data warehousing includes tools for business intelligence, tools to extract, transform, and load data into the repository, and tools to manage and retrieve metadata (Wikipedia.com 02-Apr-08)."
After reading a simplified, but official definition then I realize the limitations of my definition of data warehouses. I discovered the limitations of my data warehouse definition were founded upon the purpose and implementation of data warehouses. I found an article called "The Case for Data Warehousing (Greenfield 1)" that helped me to understand what data warehouses are and why they are implemented.
What I gained from this article was that data warehouses can be massive storage for data about data or metadata in terms of storing data definitions in a database that represents a model for how data is to be used. They are stored separately from the operating system files so that data retrieval is faster. Basically, when companies decide to implement data warehouses they do so in hopes of improving the integrity, accuracy, and consistency of data and minimizing time required for processing database transactions. Overall, it is about database optimization.
Most companies who decide to implement a data warehouse do so to optimize the overall performance of their business by optimizing the management of data critical to their business or what mostly considered as business intelligence. The case for data warehouses can have serious implications on business if not executed successfully I gathered from the article, but mostly when I think about data modeling. I recall just how important that task was when I had perform it for information systems analysis and design. Each piece of data coming in and going out has to be processed, stored, and managed properly or the system of processes are virtually inefficient.
Still, I remain limited in my overall knowledge of subject. Therefore, I will simply say that I get the jist of what data warehouses are and their significance to business. I think that I may also have some good examples of data warehouses, but have no idea of how well they are being optimized. Perhaps, I can research two very popular ones (e.g. Social Security Administration and Credit Bureaus) to see what I can discover about how the data is being managed to create business intelligence.
Referencing Article:
http://www.dwinfocenter.org/casefor.html
More About the Oracle vs. PeopleSoft Battle
In a previous blog, I talked about just how much and how little I knew about PeopleSoft. I revealed that, despite pursuing a career in IT, I did not realize that PeoplesSoft was a major database company. However, I knew that PeopleSoft was a big deal because everywhere I turned someone was talking about PeopleSoft training. I also noted that my previous employer was making the transisition to deploy PeopleSoft systems just as I was exiting the company. Later, I discovered via a lot of media coverage of the Oracle v. PeopleSoft battle just who and what PeopleSoft was and that they were fighting Oracle's acquistion of them. Also, I mentioned that employee and customer attitudes at Peoplesoft were very unfavorable toward Oracle for various reasons with the most primary being jobs and product support. Besides what I presented previously and knowledge of Oracle's successful acquisition, there was not much that I knew about the whole Oracle vs. PeopleSoft battle. Therefore, I ended my blog with the promise to go seek more information about it.
During my research, I found this article "PeopleSoft's Last Hurrah?(Gilbert 21-Sep-04)" on CNET News.com. After reading it, I discovered that the concerns for Oracle's plan to discontinue support of PeopleSoft were valid ones. I don't know the exact details because I did not have time to do as much digging as I would have liked, but in this article there was mention of Oracle's plans to support the product for only 10 years after the acquistion. My immediate sentiment upon reading that was "Ouch!" Then, I began to think that 10 years is a long time in IT and technology will inevitably change faster than we can adapt to and adopt it. Yet, I could not ignore feeling what a company who may have invested a lot of money into the PeopleSoft product might actually be thinking at the onset and end of this battle. They had to see it has sunk costs obviously and began the preparation of fundraising for what may be the eventual costs of a new database platform. Or they could run the risk of keeping a product for which support may be limited to the expertise of internal personnel via product experience.
I contemplated PeopleSoft’s position for awhile, taking into account employee and customer concerns. Then, I tried to visualize things from the Oracle perspective. PeopleSoft was Oracle’s biggest competitor and well business is business. If we see it from a general business perspective, then it is basically the survival of the fittest and Oracle was determined to be the survivor. I imagined that the employees and customers at Oracle could easily have been in the same positions as those at PeopleSoft. Therefore, I take no sides in this matter, but try to foster understanding in business.
However, I did not understand how PeopleSoft despite being "...the second-largest supplier of enterprise resource management software, behind SAP and just ahead of Oracle (Gilbert 1)" was in the unfortunate position of being taken over by the very company it seemed to be outperforming. I am sure if I dug a little deeper then I could trace it all back to the financial statements and well whatever else those Wall Street journalists report. My research unfortunately was limited by time and general concern to satisfy the jist of my curiosity despite the article revealing the financial problems PeopleSoft faced after acquiring a rival company as well. All and all what I learned about the Oracle vs. PeopleSoft battle was that it represented another cycle of business in which a hostile takeover led to antitrust suits, bitter words between opposing CEOs; the eventual win for the acquiring company and loss for the acquired company; and the usual gamut associated with mergers and acquisitions.
Still, I would like to know a little more about Oracle, PeopleSoft, SAP, and other major providers of enterprise resource managemant software. I am really interested in Oracle more so now partly due to this topic, but primarily because it seems like the chosen one so often when I hear about databases, SQL, and other relative enterprise resource management discussions. Another unique reason is that there has been an Oracle headquarters or branch located near my past employer and now within walking distance of my home. Although I never really knew exactly what area I would pursue in IT, I always was fascinated by Oracle because of its association to databases and the fun I had building a database in community college. Who knows it may be a symbol of something, but I will not know until I actually gain more experience with database design without the ease of Microsoft Access.
Referencing Article:
http://www.zdnet.com.au/insight/software/soa/PeopleSoft-s-last-hurrah-/0,139023769,139160071-2,00.htm
During my research, I found this article "PeopleSoft's Last Hurrah?(Gilbert 21-Sep-04)" on CNET News.com. After reading it, I discovered that the concerns for Oracle's plan to discontinue support of PeopleSoft were valid ones. I don't know the exact details because I did not have time to do as much digging as I would have liked, but in this article there was mention of Oracle's plans to support the product for only 10 years after the acquistion. My immediate sentiment upon reading that was "Ouch!" Then, I began to think that 10 years is a long time in IT and technology will inevitably change faster than we can adapt to and adopt it. Yet, I could not ignore feeling what a company who may have invested a lot of money into the PeopleSoft product might actually be thinking at the onset and end of this battle. They had to see it has sunk costs obviously and began the preparation of fundraising for what may be the eventual costs of a new database platform. Or they could run the risk of keeping a product for which support may be limited to the expertise of internal personnel via product experience.
I contemplated PeopleSoft’s position for awhile, taking into account employee and customer concerns. Then, I tried to visualize things from the Oracle perspective. PeopleSoft was Oracle’s biggest competitor and well business is business. If we see it from a general business perspective, then it is basically the survival of the fittest and Oracle was determined to be the survivor. I imagined that the employees and customers at Oracle could easily have been in the same positions as those at PeopleSoft. Therefore, I take no sides in this matter, but try to foster understanding in business.
However, I did not understand how PeopleSoft despite being "...the second-largest supplier of enterprise resource management software, behind SAP and just ahead of Oracle (Gilbert 1)" was in the unfortunate position of being taken over by the very company it seemed to be outperforming. I am sure if I dug a little deeper then I could trace it all back to the financial statements and well whatever else those Wall Street journalists report. My research unfortunately was limited by time and general concern to satisfy the jist of my curiosity despite the article revealing the financial problems PeopleSoft faced after acquiring a rival company as well. All and all what I learned about the Oracle vs. PeopleSoft battle was that it represented another cycle of business in which a hostile takeover led to antitrust suits, bitter words between opposing CEOs; the eventual win for the acquiring company and loss for the acquired company; and the usual gamut associated with mergers and acquisitions.
Still, I would like to know a little more about Oracle, PeopleSoft, SAP, and other major providers of enterprise resource managemant software. I am really interested in Oracle more so now partly due to this topic, but primarily because it seems like the chosen one so often when I hear about databases, SQL, and other relative enterprise resource management discussions. Another unique reason is that there has been an Oracle headquarters or branch located near my past employer and now within walking distance of my home. Although I never really knew exactly what area I would pursue in IT, I always was fascinated by Oracle because of its association to databases and the fun I had building a database in community college. Who knows it may be a symbol of something, but I will not know until I actually gain more experience with database design without the ease of Microsoft Access.
Referencing Article:
http://www.zdnet.com.au/insight/software/soa/PeopleSoft-s-last-hurrah-/0,139023769,139160071-2,00.htm
"Create One Version of Truth": Can This Ideal Be Realized in Databases Managed by Humans?
In my blog "Could 'End-User Buy-In And Support For Accurate Data' Resolve The 'Garbage-In, Garbage-Out' Issues Of Databases?", I discussed how the company in the article, Renassler Polytechnic Institute, had developed what could be a best practices methodology for ensuring accurate data and consistent databases within its company. I summarized the list of steps or things that Renassler implemented to faciliate this process of maintaining accurate data while gaining a consistent database in return. The list is included again as the following:
1. Create cross-functional support.
2. Think big, start small, deliver quickly.
3. Create one version of data truth.
4. Provide support for new behaviors.
Notice that I put the third item in the list in boldface type to coincide with this blog topic. I was reviewing the list of blog entries on this site to ensure that any blogs that were a prequel to a series of subsequent blogs had indeed been followed up by those sequel blogs. When I scanned the list of specific ones to concatenate, this blog suddenly redirected my focus. I kept thinking about a recent situation in which a critical judgement or decision had been made on the basis of certain information provided by what was obviously deemed an accurate and reliable repository. Although the data gathered from this repository was not subjected to check constraints, it was presumed accurate.
Thus a critical decision or judgement was made when in fact the data retrieved from this repository was actually inconsistent. The repository had not been updated to reflect errors made thus it was presented to the end user as valid. A major issue with this inconsistent data was that, first, the keeper of the data made a mistake, acknowledged it, but either for lack of accountability or perhaps forgetful intentions did not update the repository. When confronted with the error, the data keeper (dba) still did not make changes to the repository thus the data retrieved resulted in actions and ideas that had negative impacts on the objects in the repository when inconsistent, inaccurate data was retrieved.
In search of understanding what caused the bad data to be stored in the repository despite knowledge of errors, a deficiency was discovered. There had been no clearly defined data definitions or any model for how information or different events would be be handled since the business had hired a new data keeper (dba). Thus, problems surfaced because the business requirements had changed and no one had updated the repository to reflect those changes. Users kept making updates that either were being discarded or lost because the new data keeper did not communicate the new business rules therefore any inconsistent data kept being rewritten. The problem was the lack of communication regarding data issues on the behalf of the data keeper. Information continued to be modified so much that it began to cause conflict and to resolve it the data keeper created a version of truth for the repository and communicated the change to upper management instead of the users. Upper management then made a critical decision influenced by bad data and a desire to resolve the chaos within the system. Data definitions were established and business rules were communicated to users and stored in a new repository as a version of truth. It seemed that a lot of the problems were resolved for the data keeper and upper management, but not the users. Inconsistent data and poor communication had tarnished the users' creditability and no one had created one version of truth.
There was a version of truth extracted from the repository, but it was inaccurate. Then, there was a version of truth communicated to upper management via the users that was deemed unworthy of recording to the new repository despite validity. Upper management stepped in at the request of the new data keeper to establish a version of truth that everyone would have to accept. This eliminated chaos, but did not truly create one version of truth because there were multiple ideals of what the one version of truth entailed. Since neither set of data had been checked against each other and no concatenation of data had been obtained from the repository (dba), the users, and upper management, then no one was able to create one version of truth.
This is sort of a wacky analytical blog in which the revelation is that just like there's multiple sides to every story there is such with the presentation of information stored in databases. What makes a single story have so many sides is that each user can interpret data in a variety of ways and based upon some ideal can present it as they see fit. This may lead to inconsistencies in the data and cause problems for the database system if there are no checks and balances. Since individuals maintain databases and can modify within certain restrictions data contained in databases, there is potential for human errors. If no one is willing to check the database for those errors to ensure that all data is consistent with everything that has been presented, then it will be impossible to have a database with one version of truth. It will be more along the lines of deciding whose version of truth is more acceptable despite bad data thus making this concept difficult to realize in some settiings.
1. Create cross-functional support.
2. Think big, start small, deliver quickly.
3. Create one version of data truth.
4. Provide support for new behaviors.
Notice that I put the third item in the list in boldface type to coincide with this blog topic. I was reviewing the list of blog entries on this site to ensure that any blogs that were a prequel to a series of subsequent blogs had indeed been followed up by those sequel blogs. When I scanned the list of specific ones to concatenate, this blog suddenly redirected my focus. I kept thinking about a recent situation in which a critical judgement or decision had been made on the basis of certain information provided by what was obviously deemed an accurate and reliable repository. Although the data gathered from this repository was not subjected to check constraints, it was presumed accurate.
Thus a critical decision or judgement was made when in fact the data retrieved from this repository was actually inconsistent. The repository had not been updated to reflect errors made thus it was presented to the end user as valid. A major issue with this inconsistent data was that, first, the keeper of the data made a mistake, acknowledged it, but either for lack of accountability or perhaps forgetful intentions did not update the repository. When confronted with the error, the data keeper (dba) still did not make changes to the repository thus the data retrieved resulted in actions and ideas that had negative impacts on the objects in the repository when inconsistent, inaccurate data was retrieved.
In search of understanding what caused the bad data to be stored in the repository despite knowledge of errors, a deficiency was discovered. There had been no clearly defined data definitions or any model for how information or different events would be be handled since the business had hired a new data keeper (dba). Thus, problems surfaced because the business requirements had changed and no one had updated the repository to reflect those changes. Users kept making updates that either were being discarded or lost because the new data keeper did not communicate the new business rules therefore any inconsistent data kept being rewritten. The problem was the lack of communication regarding data issues on the behalf of the data keeper. Information continued to be modified so much that it began to cause conflict and to resolve it the data keeper created a version of truth for the repository and communicated the change to upper management instead of the users. Upper management then made a critical decision influenced by bad data and a desire to resolve the chaos within the system. Data definitions were established and business rules were communicated to users and stored in a new repository as a version of truth. It seemed that a lot of the problems were resolved for the data keeper and upper management, but not the users. Inconsistent data and poor communication had tarnished the users' creditability and no one had created one version of truth.
There was a version of truth extracted from the repository, but it was inaccurate. Then, there was a version of truth communicated to upper management via the users that was deemed unworthy of recording to the new repository despite validity. Upper management stepped in at the request of the new data keeper to establish a version of truth that everyone would have to accept. This eliminated chaos, but did not truly create one version of truth because there were multiple ideals of what the one version of truth entailed. Since neither set of data had been checked against each other and no concatenation of data had been obtained from the repository (dba), the users, and upper management, then no one was able to create one version of truth.
This is sort of a wacky analytical blog in which the revelation is that just like there's multiple sides to every story there is such with the presentation of information stored in databases. What makes a single story have so many sides is that each user can interpret data in a variety of ways and based upon some ideal can present it as they see fit. This may lead to inconsistencies in the data and cause problems for the database system if there are no checks and balances. Since individuals maintain databases and can modify within certain restrictions data contained in databases, there is potential for human errors. If no one is willing to check the database for those errors to ensure that all data is consistent with everything that has been presented, then it will be impossible to have a database with one version of truth. It will be more along the lines of deciding whose version of truth is more acceptable despite bad data thus making this concept difficult to realize in some settiings.
What Are Biometrics?
The first time I ever heard of this term biometrics was two years ago during a database concepts lecture. Yet, when it was explained to me I knew that it was a big deal on the news after the 9/11 incident. I believe at that time I was so bombarded by the news constantly reporting national security issues and intelligence conferences where major IT security companies were heavily sought. Vaguely, I remember an anchor person talking about how the government was considering the use of software that could identify criminals, terrorists, or otherwise potentially dangerous individuals before the board a plane simply by scanning the irises of their eyes. Immediately, I thought wow we're really going sci-fi now. I can not recall how many times I had seen all that technology in futuristic movies, spy movies, and movies that involve government corruption e.g. Enemy of the State, Pelican Brief, and the list just gets longer. Still, I had never really made the connection to databases despite being obviously aware that some instance of information sharing and checking had to occur. Thus, I decided I to look around to see what interesting articles I could find about biometrics.
First, I just wanted to know what it meant. An official definition for biometrics was provided on the website http://www.eff.org/wp/biometrics-whos-watching-you and given as the following:
"Biometrics refers to the automatic identification or identity verification of living persons using their enduring physical or behavioral characteristics. Many body parts, personal characteristics and imaging methods have been suggested and used for biometric systems: fingers, hands, feet, faces, eyes, ears, teeth, veins, voices, signatures, typing styles, gaits and odors ."
Biometrics as far as I understand are basically metric systems (or measuring systems) based upon living organisms or tissue (bio) that is used in an attempt to uniquely identify (primary key ideal) individuals. My interpretation or paraphrasing of the term calls to mind a database. When I think about how biometrics can be used to discriminate one related entity from another, then I begin to think about primary keys which uniquely identify a set of data and normalization which optimizes the retrieval of that data. However, like most databases there are limitations and potential for errors. And this presents a lot of major concerns for the EFF and others, which leads to another blog discussion on biometrics.
First, I just wanted to know what it meant. An official definition for biometrics was provided on the website http://www.eff.org/wp/biometrics-whos-watching-you and given as the following:
"Biometrics refers to the automatic identification or identity verification of living persons using their enduring physical or behavioral characteristics. Many body parts, personal characteristics and imaging methods have been suggested and used for biometric systems: fingers, hands, feet, faces, eyes, ears, teeth, veins, voices, signatures, typing styles, gaits and odors ."
Biometrics as far as I understand are basically metric systems (or measuring systems) based upon living organisms or tissue (bio) that is used in an attempt to uniquely identify (primary key ideal) individuals. My interpretation or paraphrasing of the term calls to mind a database. When I think about how biometrics can be used to discriminate one related entity from another, then I begin to think about primary keys which uniquely identify a set of data and normalization which optimizes the retrieval of that data. However, like most databases there are limitations and potential for errors. And this presents a lot of major concerns for the EFF and others, which leads to another blog discussion on biometrics.
Should We Be Concerned About Biometrics?
Referencing Article:http://www.eff.org/wp/biometrics-whos-watching-you
"Why be concerned about biometrics? Proponents argue that:
A) biometrics themselves aren't dangerous because all the real dangers are associated with the database behind the biometric information, which is little different from problems of person-identifying information (PII) databases generally;
B) biometrics actually promote privacy, e.g., by enabling more reliable identification and thus frustrating identity fraud.
But biometric systems have many components. Only by analyzing a system as a whole can one understand its costs and benefits. Moreover, we must understand the unspoken commitments any such system imposes (EFF Sep 2003)."
I read this and was moved by the idea that a system that could have significant implications on personal identification data is being prematurely recommended for broad based deployment without significant analysis of its advantages and disadvantages.
The advantages of biometrics seem to create a false sense of security I believe in part because we have relied on them for so long in other applications. Biometrics have been used in law enforcement where we fingerprint criminals and maintain that information in records to possibly identify repeat offenders, update current records with new information about individuals, or for use in otherwise pertinent applications. As far as I know, fingerprints have been very reliable in identifying individuals and solving criminal cases and now with the advancement in forensic science we are able to use DNA and DNA databases to close cases that would otherwise be deemed cold or open indefinitely. This biometric data has also been very useful in exonerating the falsely accused and getting justice for these individuals and their families.
It seems simple enough that we could rely on "bio" samples unique to each individual to perform check constraints against "live" samples in biometric databases (EFF Sep 2003). Yet, I have to wonder what would happen in the case of individuals who share similar DNA characteristics particularly in the case of twins, parents, other siblings, and family members. Now, the argument could be made that each individual's fingerprints are unique, but what about in the case of scanning faces and other body parts for personal identification? I have lost count of the number of times someone has mistaken me, my mother, and or my sister for someone else. Most of the times it was because we look so much like other members of our family, which is to be expected, when someone just glances at your face and recalls a familiar image. I can see this also being a potential problem for a database system as well. The possibility for potential errors seem to exceed the scope of biometrics particularly when you factor in identical twins. I am just curious to know how we could prevent mistakes in that instance. These are just one or two potential disadvantages of biometrics. Obviously, we need to rethink early adoption of these systems as primary tools for personal identification.
I agree with the Electronic Frontier Foundation in that we need a realistic model to build the most efficient biometric systems before we can implement this technology instead of promoting it as a cure all solution for personal identification and the most accurate way to combat crimes that rely on biometric resolutions. We do not know enough about the impacts of relying too heavily on such systems. It is very easy to allow the pros to outweigh the cons when we approach advancements in technology. It is almost like kids who are easily persuaded by the promotion of all these innovative and technologically advanced toys or gadgets so they easily adopt them via persuading their parents of the surface benefits. For example, the continuous stream of video games and cell phones that saturate the market. We do not realize that with the early adoption of these systems and gadgets that we ultimately pay the price of systems and phones that become outdated almost the moment we buy them or poor behaviors that result of not understanding the full extent of product adoption (e.g. laziness on the behalf of children who would rather sit and play games all day instead of being active or excessive text messaging that leave us paying exorbitant fees associated with cell phone bills). We may get more than we bargained for if we act prematurely in the adoption of new technologies instead of thinking things through before we act.
It all comes down to asking ourselves the question of whether we should be concerned about biometrics, gathering data about that question, and evaluating and analyzing that data before we rush into deploy a system that may do more harm than its proposed good.
"Why be concerned about biometrics? Proponents argue that:
A) biometrics themselves aren't dangerous because all the real dangers are associated with the database behind the biometric information, which is little different from problems of person-identifying information (PII) databases generally;
B) biometrics actually promote privacy, e.g., by enabling more reliable identification and thus frustrating identity fraud.
But biometric systems have many components. Only by analyzing a system as a whole can one understand its costs and benefits. Moreover, we must understand the unspoken commitments any such system imposes (EFF Sep 2003)."
I read this and was moved by the idea that a system that could have significant implications on personal identification data is being prematurely recommended for broad based deployment without significant analysis of its advantages and disadvantages.
The advantages of biometrics seem to create a false sense of security I believe in part because we have relied on them for so long in other applications. Biometrics have been used in law enforcement where we fingerprint criminals and maintain that information in records to possibly identify repeat offenders, update current records with new information about individuals, or for use in otherwise pertinent applications. As far as I know, fingerprints have been very reliable in identifying individuals and solving criminal cases and now with the advancement in forensic science we are able to use DNA and DNA databases to close cases that would otherwise be deemed cold or open indefinitely. This biometric data has also been very useful in exonerating the falsely accused and getting justice for these individuals and their families.
It seems simple enough that we could rely on "bio" samples unique to each individual to perform check constraints against "live" samples in biometric databases (EFF Sep 2003). Yet, I have to wonder what would happen in the case of individuals who share similar DNA characteristics particularly in the case of twins, parents, other siblings, and family members. Now, the argument could be made that each individual's fingerprints are unique, but what about in the case of scanning faces and other body parts for personal identification? I have lost count of the number of times someone has mistaken me, my mother, and or my sister for someone else. Most of the times it was because we look so much like other members of our family, which is to be expected, when someone just glances at your face and recalls a familiar image. I can see this also being a potential problem for a database system as well. The possibility for potential errors seem to exceed the scope of biometrics particularly when you factor in identical twins. I am just curious to know how we could prevent mistakes in that instance. These are just one or two potential disadvantages of biometrics. Obviously, we need to rethink early adoption of these systems as primary tools for personal identification.
I agree with the Electronic Frontier Foundation in that we need a realistic model to build the most efficient biometric systems before we can implement this technology instead of promoting it as a cure all solution for personal identification and the most accurate way to combat crimes that rely on biometric resolutions. We do not know enough about the impacts of relying too heavily on such systems. It is very easy to allow the pros to outweigh the cons when we approach advancements in technology. It is almost like kids who are easily persuaded by the promotion of all these innovative and technologically advanced toys or gadgets so they easily adopt them via persuading their parents of the surface benefits. For example, the continuous stream of video games and cell phones that saturate the market. We do not realize that with the early adoption of these systems and gadgets that we ultimately pay the price of systems and phones that become outdated almost the moment we buy them or poor behaviors that result of not understanding the full extent of product adoption (e.g. laziness on the behalf of children who would rather sit and play games all day instead of being active or excessive text messaging that leave us paying exorbitant fees associated with cell phone bills). We may get more than we bargained for if we act prematurely in the adoption of new technologies instead of thinking things through before we act.
It all comes down to asking ourselves the question of whether we should be concerned about biometrics, gathering data about that question, and evaluating and analyzing that data before we rush into deploy a system that may do more harm than its proposed good.
Subscribe to:
Posts (Atom)
