I noticed the thread about alternative medicine. Although it certainly is an interesting question or decision, I am still surprised how many people barely talk about the (in my opinion) even more important vote about biometric passports and ID cards. Because their effect on society are much more concerning.

Make sure to absolutely vote against those, if you can. And possibly make your relatives or swiss friends become aware of the importance of this vote.

- Any form of centralised database storage for personal data is in it's essence a high risk; Be it modern attempts like the upcoming biometry standards, or historically known systems like the "Stasi" files in the DDR. As soon as information is centralised, abuse cannot no longer be prevented, therefore centralised systems have to be avoided in first place.

- The argumentation of "Schengen" being in danger if obligatory biometric passports and IDs are not accepted is part of the usual fear-mongering, and is absolutely untrue. The way our uninformed parliament was rushed into introducing these laws shows that there are apparently completely different motivations behind the introduction of biometry.
The international or european laws do not demand biometry. Even in Germany no one is forced to have a biometric passport or ID card. The regulations our parliament tried to introduce are actually far more restrictive, than needed to fullfil international standards.

- The current security standards for passports and ID cards are amongst the safest possible solutions. There is no need for biometric passports and RFID. Since their own safety is strongly criticized amongst IT and data privacy experts. The information can easily be extracted with RFID-Readers. So even in regards of "security" RFID and biometry systems are completely obsolete. Not even mentioning the costs here...

Obviously this important vote, is similarly being blacked out by the media as few months back when citizens were gathering signatures to make this referendum actually happen. Therefore I feel that it is important to at least mention it somewhere else.

For more information you might want to check out http://www.freiheitskampagne.ch/
Those are the people who actually made this vote possible.

I'm not sure about english ressources about this topic, but maybe someone else has got an idea.

I agree with you, it is unnecessary for a biometric swiss pass, swiss secure and security is good enough, we need not make all of us what americans want, if any countries require of our visa, then we should also the countries require a visa,
No one wishes his own data by anonymous viewed.where is the private atmosphere.this idea will disturbing only human privacy.

I am not against biometrics in the swiss passport, although I wonder if it will be as effective as claimed.

What I am against is the central storage of the fingerprints in a national database. This is not required by the Schengen Treaty nor by the US Customs. It's is simply a 'nice to have' swiss addon to the deal, they hoped to get passed us ...

"The information can easily be extracted with RFID-Readers. "

I used to work on ePassports area - the information that can easily be extracted is the information that is visible on the printed page - the biometric data is far more protected.
And some passports I saw even had RF Shielding so to read even the non-sensitive data you had to be in physical control of the passport.

I am not going to argue whether they are necessary or not - if my income still depended on it I would say yes , but as for security, any IT system is only as secure as its weakest link - I didnt have any dealings with centralised databases so cant comment on that side.

Errmmm, not quite true. I had to renew my German passport in December and the only way of doing that was getting a new, biometric one. The "standard" non-biometric passports are valid until their first expiry date, if you need to renew, you need to fingerprint.

To be honest I've just recently begun to concern myself with the biometric passport.

For Schengen the Swiss need a biometric passport. I'm not sure that the ID card will be accepted for travel in the Schengen area if it won't carry biometric data. Generally I think the no campaign downplays the disadvantages of rejecting biometric identification altogether. As far as I remember the visa application process for the USA is a major pain, and well it's great for the UK that they are part of Schengen without agreement about the ID requirements, but it doesn't facilitate travel for its citizens.

The central database is the main argument against the new passport, as I see it. The new Swiss passport has RF shielding which I assume is effective. The encryption key is 35 bit (effective length) though The other security concerns that the campaign brings to the table aren't very specific for RFID in my opinion if you trust the organisations you hand over your passport to read it.

RF shielding is a more valid concern for the biometric ID card that is around the corner.

Expenses are another point worth a mention. Application for a passport will be more complicated because of the photos, and after the doubling of the passport price last time, the ID card will likely get more expensive, too.

So I hope a no will lead to a reconsideration of the central database and the preservation of at least one kind of biometry-free official ID, be it the card or the passport.

I have never really understand the concerns of people who are against biometric passports, and this thread hasn't yet answered my question. Can someone spell it out for me?

I know we have information flowing all over the world when we use credit cards, is that less of a concern. Just asking, I really have no opinion on this and hope it is more than a quaint dislike of something with 'big-brother or American' inferences.

If you check in,in a USA airport american swipe there credit card or some other ID in what they call "kiosk"for your bording passes and your luggage.If you are not american you have to use your passport and I think only "Biometric will doo".So no more checkin personel requiert .Back to the future

Well, it's a relief then that your income no longer depends on RFID.
After what I have seen in regards of biometric "security measures" I actually do not believe that the government or anyone else really cares about security on the passports. They are doing a damn good job at forcing as many people as possible into this new form of control though; in the name of anti-terrorism and security blah. If they made the same efforts towards protecting this system and citizen's data... there might have even been an "acceptable" result.

I think this was the Dutch passport, which had a too short encryption. Anyway:
http://blog.1n8.de/2008/09/30/epass-gehackt/

Even the RF Shield you mention seems more like a joke than anything else.
http://www.mediformatica.com/radio-f...-flexilis.html

Whatever they come up with, it's never going to be as good as the oldschool security-printed paper etc. Which is almost impossible to be falsified. (At least compared to this hilarious RFID chip)



CCC in Germany has already created a duplicate passport with the fingerprints of the interior minister "Schäuble". They got his fingerprints off a drinking, glass... not off his passport. But still it shows how easily someone could become victim of identity theft.

Yes. There are two versions of the passport in Germany though: v1 and v2. The first one only includes a photo, the second one has also got the fingerprints. Afaik the one with the photo can be chosen and is enough of biometric data to be valid. In any case: Compared to what our swiss parliament has planned for us. In Germany the data from your passport is not centrally stored. It's also only stored on the local department where you make your passport for that precise time. When you get your passport, your locally stored data has to be deleted.

And this is an important difference.

It's nice to hear that at least someone has already plunged into this topic on his own motivation. It is true; Denmark, UK and North Ireland are perfectly part of Schengen, despite the fact that they did NOT accept the packages for Biometric ID cards etc. Which is proof enough that Schengen is absolutely not in danger. I don't know how "uncomfortable" travelling becomes without biometric submission, but tbh: I don't travel that much. If making things "uncomfortable", and complicated is the way they want to force us into having RFID. If that's one of their arguments; I'd be happily travelling with complications, defying the new-age "comfort" everyone desperately needs.

And you are absolutely right. The central storage is probably the biggest problem. Nevertheless I'd still prefer if no RFID would be introduced at all. Send those servants back to where they came from; Empty handed.
No RFID cash/control-cow to milk here, that would be nice.

You know dakman. If big-brother "threats" are something completely hilarious to you, well that's ok. But if you want to have an opinion; You have to do a little bit of homework yourself.

The main problem is central privacy data storage, abuse thereof, security issues, exagerrated control and fear-mongering for little effective use. etc. There are more than enough hints in this thread I guess. And it's completely up to you. Either close your eyes, go on.. and laugh about it or take a moment, and open your eyes. And try to understand what might be going on, or might be coming in future.

Maybe the holocaust, ddr stasi, fischen scandal, US anti-terrorism act and other terms might be more clear for you to understand:





Kind of frightening, isn't it?
And I can assure you I'm not paranoid, and it hasn't got anything to do with anti-americanism. I'm just concerned about what's going in my country, concerned about what changes are going to come to my own social life and to the social lives of my friends, family and everyone else.
If you look at the past, the present and the future, this stance is absolutely legit.

I'm perfectly willing not to travel to the US, if that's really what they want. ;]

Word. What the referndum asks for is simply that each one of us has the option about deciding if they want RDIF or not in future. They tried to sneak it past us and failed, thanks to a few brave individuals who spent months working really hard for this referendum to happen. Against all odds. And thanks to them actually making use of the swiss political system. We are able to have a say and defend ourselves.

Voting against the RFID agenda is not only a privilege, it's a necessity.

The "Dutch hack" is not what I would call a hack.

It shows the data available on the printed page being manipulated - as I said this data is not protected well, referred to as Basic Access Control (BAC). DES, publicily available documentation on how to calculate the keys. Doesnt take an evil genius to do this.

This is basically a test phase of the passports, no biometric data is stored on a BAC passport.

Extended Access Control (EAC) involves greater cryptography, where there are chains of certificates that must be verified before the biometric data can be read.

I've voted against the new passports and IDs. While I don't mind the biometric data stored in the passports, I believe the central database behind the system is a fatal mistake. As soon as we get our first major terrorist attack in Switzerland or a serial rapist, a serial killer etc. this database WILL be used for criminal investigations, no matter what Mrs. Widmer-Schlumpf is claiming now.

The Schengen accords don't call for a central database, so why set one up? The biometric passports can easily be issued without one.

Peter

I am not laughing, just trying to understand from a rational perspective the concern. I am not one to look at things from an emotional perspective and tend to have very strong opposition to those who try to use fear mongering for whatever purpose. I don't support the government or media scaring us into reactions but I also find it offensive when others try to use the same tactics for the opposite effect - which you seem to be doing here. I find it strange that your reaction to government fearmongering is more fearmongering???

I would try to make your argument for you but I don't know where to begin

A central database, I see a lack of need with that. In fairness, Switzerland is one of the hardest places in the world to hide from the authorities, everyone has to register to begin with.(in other countries, including my own, they have no idea who is in the country and no one has to register where they live). In Switzerland, it is much harder to live underground from the local authorities at least.

There have been two good articles about the passport vote in NZZ this week. One goes into the specifics of the database and the other is a debate that touches many of the mentioned advantages and disadvantes of the law.


Article about the database

The database was created in 2003 with software from Oracle and hardware from Sun. It's a central one and currently about 1 TB in size and stored on a RAID (hey I only quote what is written ). It stores information about 5.3m people who carry 3.9m passports, additionally ID cards and emergency passes are stored there, too.

Access to the database is currently limited to the Federal Office of Police (Fedpol), but graded access will be given to the cantonal passport authorities later.

"Nobody" has the authority to copy fingerprints from the database. Instead the user submits a fingerprint and the database answers if it's a match to the alleged person's profile or not.

Fedpol expects that fingerprings are a higher barrier against passport fraud than photos. Since the database introduction in 2003, sixty fraudulent applications were detected.

Technically it is not a problem to connect 26 decentralised databases, but it will be more expensive. The additional expenses on the database end for the addition of fingerprints are expected to be minimal on the other hand.


Debate between the no and yes camp (SP and FDP in this case but that's a simplification)

On the chip standard
FDP: The chip is the internationally acknowledged standard.

On choice and biometry
FDP: Every country has only one kind of passport according to international contracts. We have the liberty to introduce several standards in ID cards.
SP: The no camp is not against the biometric passport on principle, but against the centralised database, and only insists on a fingerprint free option for ID cards.

On fingerprints
FDP: Just like our banknotes, the passport must excel other countries' passports in security to improve travel especially outside the Schengen zone.
SP: Long term, the fingerprint database will be used for purposes that are now not allowed.

On decentralisation
FDP: Decentralisation is not inherently more or less secure from the database end. However decentralisation implies that third parties and non-governmental parties must be allowed to read (and consequentially can store) the whole passport information because the data protecting yes/no check I described above can't work. A centralised database in Switzerland is preferable to a scenario with decentralised data collections around the world.
SP: The above statement is not true when it comes to fingerprints. They'll be used for police work which outweights the benefits.

On inconveniences of centralised applications
FDP: The cantons are free to offer applications at several locations. And biometry-free ID cards will still be available at every municipality.
SP: Agree on biometry-free ID cards, but it's still a nuisance that affects the elderly and invalid.

On consequences of a no vote
FDP: The Swiss may fall out of the US Visa Waiver Program and 30 similar agreements with other countries may end. Applications at domestic embassies are tiresome and at times arbitrary. Application at embassies requires to give one's fingerprints to the other state anyway. Switzerland will miss the Schengen treaty deadline for a biometric passport on 1.3.2010.
SP: It is possible to prepare improved regulations for a biometric Swiss passport until the Schengen deadline. There are no consequences for the Schengen treaty nor third countries.

Position of NZZ:
While improved protection against passport forgery and fraud is indeed a benefit of the centralised database, it is outweighted by data protection concerns. The newspaper recommends to vote no.

Of course it will! Swedish authorities did not hesitate very long to use a similar database when it came to nailing down the murderer of their foreign minister Anna Lind. So rest assured, that no matter what the politicians are claiming, when a cause comes that they find "just" they will happily brake their promise.

Please educate us on the use and more importantly abuse of the Stasi files in the DDR.

http://en.wikipedia.org/wiki/Stasi

Priceless.

See, I've got personal experience with a rather more devious outfit than the Stasi, and wanted to know whether your assessment of the situation is based on general brainwashedness or otherwise. Probably the first, else you'd know a central database wouldn't change diddlysquat as far as the modus operandi of the type services you mention is concerned, since most surveillance and enforcement field work is carried out on a local basis.

But thanks for trying.

I don't see any need for all this. Waste of time, effort and $. Like those perfect roads in my area that get dug up 100000 times every year. I got branded on my back side when I was in a pig farm so against keeping too much details of non-criminals.

The opinion polls are showing a clear YES majority for the bio passports. Even the SVP members are 50:50 despite a party NO.