[Previous entry: "Regaining self-respect"] [Main Index] [Next entry: ""The Case for Conscientious Non-Voting" Part I"]

09/09/2004 Archived Entry: "Microsoft wants your fingerprints"

Today's humor: Diebold to Buy Federal Election Commission.

Ah, Diebold. Perhaps we may see some coverage of -- and action against -- the Diebold voting tamperers -- er, tabulators -- after all. Black Box Voting reports that the California Attorney General and Alameda County have joined the private citizens' false claims lawsuit against Diebold. This made it to Reuters and CNN. (I guess it's not newsworthy unless it comes from a government agency; and it's so much easier to read government press releases than to engage in that tiresome investigative journalism.) Apparently this will just be a civil suit and not a criminal investigation. Someone has decided to be nice to Diebold, since a criminal conviction would probably ruin the market for their voting machines.

Thanks to our friend Pat T. for bringing this to my attention: Microsoft is going to start selling computer keyboards with built-in fingerprint readers.

This seems to be another security band-aid for Microsoft; having persuaded people to store their passwords on their hopelessly insecure operating system, they now want to provide some superficial measure of protection. (I lost one of my Internet passwords a few years ago, when I was still using Windows. It took me only 30 minutes to search the web, find a Windows password cracker, and recover my lost password from the "encrypted" disk file.)

So at first I thought this was pointless and irrelevant. I'll never buy one of those keyboards. But then I thought, this is just the sort of thing that a Windows-trapped company will buy in the hopes of securing its computers; countless employees will then be required to log in at work with fingerprints....and what steps will be taken to protect that private "biometric" data?

Remember, this is Microsoft. This is the company that programmed Windows Media Player so that, whenever you watch a DVD on your personal computer, the title of that DVD (and identifying data about your computer) is sent to Microsoft HQ. Who wants to bet that Microsoft won't be starting their own private little fingerprint database? Could the next generation of Windows require you to use fingerprints to activate the software? (I'm sure they'll say they need this to combat piracy.)

And then of course there is the phenomenon of employers installing "keyboard loggers" on the company PCs, that intercept all the data sent from the keyboard to the PC -- so they can see what you're doing, without your knowledge. How long before someone markets a surreptitious "fingerprint logger" that captures that information? Does your employer have the right to your fingerprints? (Is it legal now for your boss to "dust" your office and grab your prints? I don't know.)

The latest wrinkle in the identity theft biz are the viruses and worms that capture your banking information and passwords from your (Windows) computer. How long before someone circulates a virus to grab your fingerprint, too? Microsoft will assure you that this can't happen, but how many such assurances have they failed to keep? (In the ongoing battle between Microsoft and the legions of Windows crackers, who would you bet on?)

So, my advice to employers is: do not use these keyboards to control computer access, since you may be invading your employees' privacy -- even without your knowledge -- and setting yourself up for a lawsuit. Employees, refuse to use these keyboards. If you absolutely must use them as a condition of employment, get a written assurance that your personal data will be held in complete confidence and not revealed to anyone for any other purpose than access to your PC. Get legal advice on this. I'm not a lawyer; I don't know what privacy rights you still have in these times, and I certainly don't know how to write a privacy agreement with some real teeth.

brad