Dr. Peter Lock
European Association for Research on Transformation e.V.

The economic dynamics of biometric control technologies

Working Paper

Challenge - Liberty & Security

Peter Lock; Wolfgang Schreiber WP 4

Content

Background and aim
Putting biometrics into a wider context
How to investigate applications and the impact of biometric technology
Biometric outlook in 2002 based on pre 9-11 data
Outlook in 2007
Government procurement and the economics of innovation
A new bureaucratic-industrial complex?
Preliminary conclusion and implications for research on biometry in Challenge
Postscript
References (selection)
The biometric industry by countries World
Map Biometry in Germany 2006

Background and aim

The implicit hypothesis that the adoption of biometric border control technologies in reaction to 9-11 and the ensuing Global War on Terror declared by the Bush-administration have the potential of subtly creating a "Big Brother" executive and emit pressures towards the EU to follow suit dominates liberal discourses. Some observers (Hayes 2006) even claim that a "security-industrial complex"[1] is in the making. Given that many claims associating biometric control technologies with enhanced security are either not proven or possibly false, it appears sensible to scrutinize public budgets and balance sheets of private companies, like airports, harbours, airlines etc. being forced to invest heavily in measures supposedly improving security including sophisticated biometric control technologies.

Such a step is in line with the underlying core concern of the Challenge network defending liberty by identifying the malicious potential of the "war against terrorism" based on the circular dynamics of perceived, but unduly manipulated fear and the ensuing pervasive production of alleged security. The Patriot act in the United States manifests the apparent consent of the legislative branch giving the executive branch of government an open-ended license to act without heeding the laws and basic rights characteristic of the liberal democratic state. The United States dangerously succeeded to inculcate this illiberal paradigm globally. With and without American political pressure other governments have adopted similar doctrines. Cumulative infringements of individual rights and illiberal practices are legitimized with an alleged increase of security. The demonstration of seemingly efficient border controls is considered to be an important asset, which helps to secure continued public support for the current policy[2]. High-tech gadgets including biometric devices are deemed indispensable to portray efficiency. But the generic potential of biometric devices, presumably introduced to fend off terrorists from entering the national territory, is alarming because of their snowballing use to eventually control and structure societies.

One underlying assumption leading to the modification of the research design of WP4[3] was that the total costs of carrying out border control based on biometric identification and authorisation systems are not transparent. They are distributed across a wide range of governmental agencies and players in the private sector. Though it is ultimately the citizen who is burdened with the costs either as taxpayer or as customer. Being able to compare the total costs with the marginal improvement of security achieved would provide an important parameter to be taken into account in the ongoing political debate and decision making, involving the introduction of biometric systems to control borders among others. Current trends suggest that the ongoing drive to conceive ever more perfected technologies allowing to control borders will eventually burden the citizens, as mentioned above, with the presumably excessive costs of this policy. A realisation of this trend, if the full range of direct and indirect costs of the current border securitisation policies could be documented, might reinforce the political resistance against the dominant securitisation discourse. Additional arguments would become available helping to break the current cycles of cumulatively infringing liberty in the name of combating terrorism.

The assumption that the dynamics unleashed by politics to secure borders in the context of the war on perceived terrorism will produce spiralling costs implies that the biometric systems introduced for that purpose will be expensive, customized and not off-the-shelf mass produced technologies. Thus, a robust assessment of the full range of direct and indirect costs of the current border securitisation policies appears indispensable, before additional arguments will become available helping to slow down or even break the cycle of infringements of liberty imposed without a testable positive contribution to security.

The biometric industry portrays itself as an innovative sector capable to offer secure customised protection. The cost factor will at least co-determine the range and speed of the diffusion of biometric control across all spheres of social interactions. Thus, basically two parameters will influence the tangible trends in the near future, firstly, of course, the social acceptance of controls on the basis of biometric identification and secondly, the character of the technology. Will the innovation be restricted to customised systems or are we confronted with a generic technology, whose potential to disseminate into a myriad of appealing applications would mark a small technological revolution with a huge potential to transform social relations.

Putting biometrics into a wider context

The narrow post 9-11 concern with biometrics as crucial means secure national borders against infiltrating terrorists among others dominates the agitated political discourse how the governmental strategies to produce alleged security on the one hand and liberty as the very foundation of democratic societies on the other can be rationally balanced. The order of the logo of the Challenge network ‘liberty & security’ challenges the dangerous asymmetry governmental security policies create in the wake of 9-11 and aims at critically reviewing these policies in all its aspects. The populist rhetoric of politicians in discourses on security puts the role of the state in pushing biometric technologies at the centre stage. This reinforces anxieties that an autonomous bureaucratic security logic lacking transparency will lead to random surveillance beyond the control of the democratic sovereign and empower incumbent political elites to effectively sidestep democratic control.

However, the processes of social inclusion and exclusion accelerated by the neo-liberal regulation of the global economy also generate effectively policed borders beyond the nation state. Indeed many such visible as well as stealth borders have emerged based on a wide variety of control arrangements. The concept of non-state borders implies some form of policing and/or commodification of social demarcation lines leading to forms of social exclusion which comes at a cost, somebody apparently has reasons to pay for. Empirically this trend is reflected in the rapidly rising numbers of private police and security personnel. The respectively dominating parties, in whose interest such borders are delineated, are the paymasters, though in many instances they are able to misallocate public money and personnel to police "their" borders. In the informal spheres located at the peripheries or in decaying quarters of urban agglomerations, where the bottom of the social hierarchy struggles to make a living, informal, sometimes criminal actors police multiple borders. The territories overlap, such as drug cartel domains, self-defence areas organised by ethnic or other identity groups, and protection rackets.

Neo-liberal political dominance pursuing a lean-state strategy effectively transforms public goods including security into commodities and services, which are to an ever greater degree provided by businesses in the private sector (Lock 1998). This is reinforced by the trend to privatize many spheres, which historically were public. Privately owned malls or large shopping centres are commercial real estate, they have replaced the public market place. Where ever one goes, the chances are that one trespasses private property where the landlord defines the rules and oversees policing. Cost and security considerations drive a dynamic search for high-tech solutions including biometric controls[4] by the private security industry.

But more importantly, and in the current debate on biometrics and the state conveniently overlooked, is the corporate sector. Dating back to the 19th century enterprises are authorized to police on their property. State police has rather limited access to the property of the corporate sector, in most cases an explicit authorisation of the owner is required[5]. At the same time being employed implies a tacit empowerment of the employer to monitor and police the workplace. One part of the logic of this policing is to enhance productivity and to limit risks inherent to the work process. The current level of subtle and often not so subtle policing inside the corporate world has cumulatively evolved throughout the 20th century world. The process lacks transparency, it largely operates virtually without checks and with limited legal supervision, which reflects the power imbalance between employer and employee, particularly in the context of neo-liberal regulation. Moreover the nature of modern production and the greater than ever importance of the service sector demand intensified monitoring, safe access and process controls, background screening of personnel, protection of information and intellectual property against espionage etc. Thus, in the context of neo-liberal regulation the global economy is marked many latent non-state borders, which tend to become sharply entrenched. Not surprisingly the private sector is faster in applying the enormous functional potential of biometrics[6] to separate social spheres, safeguard private property, protect corporate interests by strictly controlling access to information etc..

The means a corporate player in the global economy is likely to employ to achieve a policing optimum are likely to exploit all available technologies with only limited ethical restraint. The main criteria is the functional cost - benefit ratio. It is therefore not surprising that the corporate sector has long before the state introduced biometric identification as a means to rationalize corporate controls. The private sector was definitively the precursor in the application of biometric technology and drove the market into a mode of rapid innovation. It was only then that following 9-11 governments began to position themselves as potentially large customers of the existing biometric technology promising further expansion of this still small and diversified industry. The same applies to all kinds of sophisticated control and process control technologies leading the way to replace human control by commodified controls and comprehensive commodification of (passive) security.

Equally important is the securitization of the increasing social segregation of the urban habitat, in other words the proliferation of social apartheid. Manifestations of this trend are gated communities, the worldwide hermetic access control of commercial real estate, factories, all sorts of businesses, orders of violence dominating the poverty-stricken peripheries of mega-cities, where the state is absent and has long since abandoned its task to deliver public goods in growing areas of the national territory, security in particular. All these developments have contributed to a diversified market for security products from steel doors to facial recognition. The insurance industry further promotes an ever more sophisticated commodification of security. An object not protected by the latest innovation in security products, supposedly giving the best protection, is charged with a penalty.

In short, this section argues that government demand for biometric technology and system integration needed to exploit its potential as a means of border controls is not the sole and will over time not even be the dominant driver of biometric products. The private corporate sector was definitely the precursor at the demand side of this emerging market. And more importantly as the technologies mature further, a wide range of applications in the private sector will dominate the demand and give the technological evolution its direction.

How to investigate applications and the impact of biometric technology[7]

In order to structure an empirical approach we carried out what might be called pilot studies. We looked at the balance sheet of a major German airport, at the budget of the Ministry of the Interior and tried to find out whether the balance sheet of airlines would us allow to assess the biometry-related costs incurred in the follow up of 9-11. These preliminary steps clearly indicated that the accessible financial statements and budgets do not allow to extract the factor biometry with a meaningful precision. With respect to their biometric content the items related to security investments and current (additional) costs were fuzzy at best. Additionally, in the case of international air travel it is not possible to separate legitimate and generally accepted measures (and the ensuing costs) taken to provide safe flights and intrusive measures adopted to control people crossing borders, which impose the recording of biometric data of each person entitled by a visa or other documents to cross certain national borders[8].

Given the limited chances to provide other than rather arbitrary assessments of the costs of the security paranoia and the ensuing "blind"[9] introduction of biometric control technologies, we changed our research strategy. We hypothesized on the basis of the information collected until then that the evolution or rather the dynamics of biometric control technologies result from a combination of a secular trend of technology innovation, which is basically market driven, and a political post-9-11-factor related to government-induced demand in pursuit of the securitisation of borders.

For this reason we sought to base our exploration on a modified research design, which would allow us to tentatively separate the two growth vectors underlying the rapidly expanding biometric industrial sector. By identifying the respective demand and supply drivers in the biometric markets the relative role of either vector would become apparent and allow a prediction whether and if how fast, for the most part driven by which demand the dynamic biometric industry will enter the phase of mass production, whereby the cost of biometric control would not any longer impact the direction and speed of governmental decisions concerning its application. Though cheap efficient biometrical control hypothesized as feasible would diminish in no way the political qualms liberal democrats have with the profound shift in power relations between the citizen and the political executive caused by a widespread intrusive use of biometric control technologies.

For heuristic purposes we took 9/11 as a milestone after which the political respectively governmental demand for biometric control technologies is assumed to become a driving force in the market, lavishly funding R&D and industrial growth similar to the government role in supporting the military industry during the heydays of the Cold War. Thus, in order to separate the civilian non-governmental market vector from the GWOT[10]-factor, we based our exploration on a comparison between a 2002 compendium (Nolde 2002) on the future of biometry[11] - almost all contributions in this compendium had been finalised before 9-11 - and an investment consulting publication for the security industry prepared by Lehman Brothers (Lehman 2007) and published in January 2007[12]. The 2002 assessment of biometric technologies does not take into account the sudden post-9-11 escalation of government hype on the imminent need to securitize the national borders and so far mostly potential government demand. The detailed investment recommendations of Lehman Brothers for all players in the security sector necessarily takes the presumed political factor as a driving force in the market into account. We believe that the prediction of trends in government expenditures on biometric control technologies in this industry sector report for financial investors is as close to reality as one can get in this field. A comparison between the market outlook in the 2002 compendium and the Lehman Brothers recommendations should reflect the relative importance of the security hype of GWOT-related government activities for the dynamics of the biometric industry and the beginning "Veralltäglichung"[13] of biometric controls.

Biometric outlook in 2002 based on pre 9-11 data

Nolde (2002) offers a comprehensive assessment of the state of the art of the different applications of a variety of biometric measures and surveys the level of social acceptance of biometric devices. It also considers the cost factor and the problem of data protection. We selectively document the 2002-outlook. It will be compared with a 2007-outlook in the next section. This research design aims at identifying the 9-11 impact on the biometric sector. The comparison will allow to identify two growth vectors of the biometric industry, namely the vector explained by secular growth and the vector representing the political impact of 9-11 on demand for biometric products.

Fingerprint is diagnosed as the most prolific biometric technology due to the availability of multiple ways(different wave lengths) of generating the image, which allows an adaptation to the specific requirements of the intended application. So-called capacitive sensors are chips, which enable a miniaturized design of the "reader" allowing the integration into a keyboard or a mobile phone. This technology is ready for mass production. Other finger print sensors are in successful use for more than ten years. The FAR (false acceptance rate) is minimal, the FRR (false rejection rate) is in the lower one-digit range. As acceptance problems are identified the association with criminological use of fingerprints and hygienic concerns, the latter particularly in Japan. The first problem is minimised in the case of smart cards, where the algorithmic identity of the fingerprint remains within the control range of the individual. The second problem is not relevant in all applications in the private or personal sphere. Most contributors expect a rapid spread of fingerprint biometry, particularly in combination with smart cards issued for purposes of authorisation of access etc.

Face recognition is in the process of being advanced and will eventually become broadly available as a minimally intrusive (no contact) means of identification and authorisation. For large scale application the system still requires the active cooperation of the person and worrisome light conditions. But the electronic gateman is clearly a market, which will develop as the quality of algorithms will improve even under less than optimal photographic conditions. The report does not mention the frightening potential of advanced face recognition for covert data collection and the drive of governments under the spell of securitisation policies to justify applications of this biometric identifier.

Iris recognition is based on monochromatic cameras. The iris is generally considered as a stable life-long individual characteristic. It is mildly intrusive as the eye must (currently) be positioned not more than 25 cm from the camera. Of each iris image a patented algorithm determines the characteristics, which are then compared for identification. The error rates are extremely small, the installation is relatively expensive, because a sophisticated camera is required. Since the complex unique image is converted into an iris code using not more than 256 Byte even large numbers of individuals can be administered. This technology will find broad applications, wherever access to high security zones is required.

The highest security degree can possibly be achieved with Retina recognition. The eagle skin behind the retina is scanned with the help of infrared light. The recognition is inconvenient and perceived as intrusive. It is applied to control access to highest security zones of nuclear installations and possibly intelligence facilities. No further applications are expected.

Dynamic signature recognition is relatively advanced and efficient, but it requires the use of special pads and pins, in order to record the dynamics of signing in addition to the graphic features. This procedure is considered safe and well accepted, since it hardly differs from traditional signing. A growing market is expected in the area of IT and IT-business.

Voice recognition is by now a relatively mature technology. The equipment required is cheap and often already installed in computers. Wide use is expected in the already practiced area of telephone authorisation (banking) and system access in the private sphere.

Parallel to fingerprint recognition hand configuration is used as a biometric characteristic. It is not as unique as fingerprints, but is often used as verification in combination with a smart card. But given the miniaturization and adaptability of fingerprint readers the markets are expected to be shrinking.

Thermographic images of the face taken with infrared cameras are a safe method of identification. The method is not intrusive and should have a high acceptance rate. A widespread application is unlikely in spite of the attractive features because of the high costs of the equipment.

A number of other biometric identification methods have either been developed for rather specific applications or are still in the development phase. Among those are individual typing pattern, ear form, body movement, and smell. The latter biometric is based on the molecular characteristic of a person’s smell. If applied it would become probably one of the most intrusive biometric identification methods, because the molecular configuration of smell reveals a wealth of additional intrusive information like drug use, illnesses etc. DNS would be feasible, but is not likely to find acceptance.

Several authors agree that biometric devices will rapidly penetrate daily life as cost reduction strategies in commerce and services will rely on biometric identification and authorisation using smart cards or larger central data bases. Electronic business transactions and legal processing will rely on biometric identification in but a few years from 2002 according to these authors. Access will mostly be regulated by biometric control. With some delay e-government will follow suit. At the time they insisted in 2002 (!) that the law in Germany stipulates that passports and identification cards should not contain fingerprints or any other biometric characteristic of the bearer. Thus, the government as a major customer of the emerging biometric industry was not yet in focus.

There was consensus that uncontrolled and opaque data manipulation in combination with undercover data collection will be the dark side of the rapidly emerging widespread use of biometric characteristics in daily routines. However the enormous potential of smart cards with integrated capacitive fingerprint recognition offers an area where one’s sovereignty over data, medical record for example, is guaranteed, while offering possibly lifesaving functions. Centralised data banks are not needed for such functions. Based on large scale applications in Israel among others, it is predicted that electronic signatures will become a mainstream technology to regulate authorisation. There is agreement that the financial industry will be the trend setter for the application of biometric applications.

However. it is predicted that by 2006 about half of the turnover in biometric identification technology will be realised by fingerprint devices. Several authors insist that the technology has reached a mature stage and will therefore attract a wide range of applications and structure many daily routines. An interesting prediction is the securitisation of handguns by means of an integrated capacitive fingerprint reader as a lock. That no evolution in this direction has taken place suggests that acceptance problems and the habitual time lag of legal regulation tend to be underestimated in technology forecasts. It is emphasized that the greatest chance to be accepted have systems allow identification without contact. However it is precisely these systems that lend themselves to covert observation and identification and thus would require strong regulatory control.

It is estimated that worldwide 200 suppliers of biometric systems operate in a market estimated to amount to just 100 million US-dollars with an annual growth rate between 30 and 50 percent. 20 suppliers are located in Germany such as Siemens, Bosch, Infineon and Dermalog. As the foremost criteria to succeed in this rapidly emerging market are mentioned: systemic compatibility with general IT-standards, reliability and above all price. The current market shares of different biometrical systems are estimated to be 35 % fingerprint, 35 % hand recognition, 10 % voice, 5 % Iris;5 % AFIS (automatic fingerprint identification system), 1 % signature, marginal share of Retina. As fields of application are identified 40 % physical access, 30 % law and order, 20 % banking, 3 % healthcare, 5 % immigration, 2 % telecom.

One contributor of this comprehensive sector review believes that it will take still "a few years" until biometric technologies will reach widespread application, because the systems currently offered have unsatisfactory FRR and are not protected against attacks. On the other hand representative research on the average acceptance of biometry revealed a surprisingly high rate of acceptance of biometric technologies as a means to facilitate safety in daily life. The current design deficiencies are expected to be resolved by forthcoming major advances in innovation and software improvement, in this case spectacular growth rates in the biometric industry are in the offing.

The most notable aspect of this assessment of the potential of biometric technology is the fact that in this pre-9-11 forecast demand generated by governments is hardly mentioned and not deemed important for the expected growth of the biometric industry. The underlying assumption was that governments still lag behind in terms of biometric applications.

Outlook in 2007

The "Security Annual 2006" (Lehman 2007) presents financial investors with the following expectation: "In our view, a combination of new technologies, the ‘convergence’ of physical and logical security, and long-overdue rollouts of homeland security programs in 2007, has real investment opportunities in the shares of security industry leaders."(p.1) ... "Security services and equipment stocks, in general, outperformed the market in the last couple of years. We believe this partly reflects investors’ belief that the war for ‘homeland security’ (note the dissociation of this new term from the Bush-doctrine. P.L.) and against terrorism will be long and sustained and partly reflects the continued growth of commercial technology and services. Our index of security industry stocks has appreciated 169% since August 31, 2001, compared with a 28% rise in the S&P 500 during the same period."(p.1) While the report expects some important contracts which will finally be handed out by the DHS are the "’beta tests’ for far more consistent (and recurring) revenue from the corporate sector for the next decades. The identification programs and video surveillance systems, as they are scaled and find lower price points, will likely find traction with the burgeoning numbers of corporate chief security officers (CSOs)."(p.6)

As a result unlike the military industry the biometric industry does clearly not operate in a monopsonistic market. At least in the long run this should lead to more transparent government contracting as still is the case in military procurement. The delays of government programs (in the United States) and the ensuing orders due to intra-governmental competition and interoperability issues are predicted to be overcome from 2007 onwards. But still the corporate sector will be the more dynamic growth vector in two to four years(p.7). From the investor perspective the "first real U.S. and foreign government orders for biometric systems are critical not just for making the biometric providers (eventually) profitable, but for creating the reference sites and beta tests that will be required for the holy grail of biometrics to become reality: major adoption by commercial users." (p.11/12) Thus, as formulated later in the text, the question is not if, but when the avalanche of private-sector orders will reach the suppliers of biometric systems.

"Video systems increasingly rely on software and networking systems to add functionality and storage capability. Such ‘smart video" systems allow object tracking, low-light vision, and massive storage capabilities never achieved previously."(p.11) This technological milestone has far reaching implications for the expansion of covert monitoring and using CCTV images for social control. Improved face recognition capability, clearly on the way to become available, integrated in automated mode in "smart video" systems would be a tempting capability for a government basing its power on security scare. It is important to take note that costs will not be a barrier, as all components of such an architecture of comprehensive control will be mass produced items. Not least because the restrictions and resistance to implement "total" control will not apply to the private corporate sector to the same extent as will hopefully be the case throughout public spaces, corporate customers will push this market first.

The accelerating dynamic of the "security technology and equipment" market manifests itself in increasing numbers of merger and acquisitions of enterprises in this sector since 2004. But the consolidation process will continue as the market grows fast. L-1 (identification and multi-biometrics), itself the product of various acquisitions and Cogent (AFIS and matching of acquired biometrics against databases) are the US-market leaders in biometric markets, whose market capitalisation is 1.01b US-dollars and 1.08b US-dollars respectively. FLIR with a market capitalisation of 2.14b US-dollars is the market leader in thermal and infrared imaging, which has a huge biometric potential due to the on-going progress to develop robust algorithms of human features, face among others. In addition it has important military applications.

Already implemented DHS biometric programs are US-VISIT(annual budget 300 million plus US-dollars), which requires a digital photo and two fingerprints with every visa. Additional investments are on the way "to enhance the access for border personnel to immigration, criminal, and terrorist information. Multibiometric, AFIS, document authentication, smart card companies, and above all, large integrators (italics P.L.), should benefit".(p.29) Larger and more far-reaching implications has the so-called TWIC (Transport Worker Identification Credential) program which is in the process of being implemented in stages. "The final TWIC program is expected to cost about $ 1.2 billion and encompass 10 million -12 million transportation workers (at roughly $ 125-$150 per card)."(p.30).
"A TWIC card includes 10 fingerprints, date of birth, address and phone number, alien registration number (if applicable), photo, employer, and job title. The program also requires a public key infrastructure and other IT capabilities. The program will also include a centralized database called ID Management System(italics P.L.)."(p.30) Similar schemes are HAZMAT (driver licences for transport of hazardous materials), registered traveller program and in the private sector VIP High Profile and VIP CLEAR (basically smart cards containing biometric data <iris and fingerprint> of the bearer which can be read for identification and authorisation). Participation in the scheme carries an annual fee of about $ 100, hotel chains and car rentals are among the increasing number of enterprises which accept VIP CLEAR.

Lastly the Homeland Security Presidential Directive 12 will have far reaching ramifications. It calls for a standardized biometric smart card (Federal Information Processing Standard (FIPS) for all federal agencies. It is noteworthy that all regulations by the US-government are geared towards centralized linked data bases. In addition these cards are likely to be configured as contactless RFID (radio frequency identification) smart cards which implies that they can be covertly read at a distance of almost ten meters. The RFID-technology will also be employed for People Access Security Service (PASS) a border document for U.S. citizens who do not possess a passport, it transmits a number which is being matched against a DHS data base.

Mexicans, who are frequent visitors, receive a Border Crossing Card (Laser visa). It is a machine readable document with several security features, including biometrics and optical storage. The U.S. VISA Waiver program imposes ePassports on the 27 nations included. They all have begun to issue ePassports with the exception of Andorra, Brunei, and Liechtenstein. The countries included in this program are basically the "Cold War West" with the single exception of Slovenia. The European roadmap for ePassports currently foresees a deadline of 4/2008 containing bio face, finger print and extended active authentication. The Schengen Visa Information System is expected to handle 20 million visa requests and 40 million requests to check the validity of issued visas per year. While the numbers appear large, the Hewlett- Packard’s contract to design and develop the system is a mere $ 48 million[14].

Not surprisingly potential DHS contracts take a large space in the Lehman Annual, but this should not distract from the secular trend to make use of biometric systems in the private sector. Concerns of privacy are not taken as an impediment of an expansion in the corporate sector. "As in the emerging RFID sector, the mining abilities of DVS (digital video systems) technology have been questioned by consumer groups concerned about individual privacy. However, such concerns will not likely impede growth in the video sector."(p.81) Not least because the protection of informational freedom will be more difficult to implement in the corporate world, where fear to secure employment and profit mark the parameters of action of people distressed, than in the public sphere.

In the words of the Annual it is not a question if but only when the demand for biometric systems accelerates exponentially (p.125). "The key contributors to increased corporate, public and private (note the order! P.L.) investor interest in the companies that provide these systems and services are 1) enough money is now being spent on the security industry and the government/commercial projects in which it is involved; and 2) the technology is now inexpensive enough to encourage entrants."<italics P.L.>(p.57).

The generic character of the technologies involved is emphasized in the report confirming that the homeland security market bears little resemblance with the paradigm of military procurement. Open systems and not proprietary systems are spurring innovation is the president of DVTel quoted: "by allowing for open systems, improvements in other industries advance the security industry"(p.58). Two examples include the advances in processors by Intel, improving video surveillance monitoring capabilities if the PCs used by the security industry are not proprietary equipment. (military equipment generally contains a lot of proprietary technology generated in isolation from the vibrant non-military markets. P.L.) "Also, interestingly the gaming industry has been a major contributor, mainly because network-based gaming has required producers to build video cards into computers and sell less expensive over-the-counter video cards which can be utilized for clearer video images over an IP system; again an example of how closed-loop proprietary systems delay adaptation of technological advances in other similar industries."[15](p.58)

Top of the range products presented last year indicate the frighteningly ambivalent technological progress. In the words of the Lehman Annual: "... a video management system with analytics that converts raw video from security cameras into intelligently searchable information- ... The 3VR system won best product of the year at the major security product trade show. ISC, for demonstrating how easy it is with its system to search and call up any type of incident desired, per camera, and shared across multiple facilities, both on a proactive "trigger" basis and on a reactive search-after-the-fact basis. 3VR’s biometric capabilities in its system allow instant face-specific searches, a feature it is marketing to several vertical markets, but particularly to banks."(p.84)

Highest growth rates are predicted for "(N)ew access control technologies, which interface with Auto-ID, such as biometrics, photo ID, contactless smalt cards, and radio frequency identification. This is one of the higher-growth sectors, growing 20% annually. ... In addition to airport upgrades, major growth markets include educational institutions and universities as well as financial institutions.." (p.98) The new access control "can include highly sophisticated biometric ‘badges’ that integrate with digital CCTV systems, contactless smart chip cards, and radio frequency identification (RFID) cards, which carry unique signatures for their users and biometrics such as fingerprint and ID systems."(p.99)

Finally consider the enthusiastic assessment of the future of biometric systems: "...biometrics is ready for "prime time" and that is just a matter of one or two catalyst announcement in one region of the world (most likely the U.S. government) before others follow suit and demonstrate the true penetration of biometrics. Technological advancements, the continued standardization of biometrics technology, and an increase in public awareness of ID verification, all should, we believe, lead to the hundreds of pilot projects finding traction and eventually phasing into large-scale deployments over the next couple of years."(p.111)

The fingerprint market (AFIS) is expected to grow to more than $ 2.5 billion in 2010. (p.117) Prices for the necessary devices are falling rapidly. AFIS has basically two applications, in civil and criminal affairs. Civil applications have a large growth potential, while the criminal market is mature. Market leaders are European companies, Sagem[16] alone has a market share of almost 50 %. (p,119) One of the more spectacular applications of biometric characteristics was administered by the UNHCR in Afghanistan, where 1.8 million Irises of refugees were registered for processing repatriation. Also the U.S. prison system uses Iris for identification of prisoners. Elections held in the context of civil unrest bear chances for the biometric industry as biometric IDs are likely to be distributed to reduce claims of fraud, as was the case recently in Venezuela.(p.132ff.)

Our interpretation of this outlook suggests that the biometric industry will thrive on the basis of private and corporate applications and will even thrive more if the U.S. government and the DHS in particular finally begins to order the biometric systems which continue to grow on the drawing board of the department. Most importantly for the on-going Challenge discourse on how to stop the attacks on liberty we find that the prices for biometric control systems including all peripheries are rapidly falling. The budget of a totalitarian state applying biometry to control its citizens would hardly show the devious practice. Though the more important finding in the context of the current discourse on the implications of biometrics for the balance of liberty and security is the trend of non-government markets dominating the demand for biometric products. Given the focus of controlling borders in the governmental discourse relating to biometrics the question emerges what are the "borders" biometrics allow to control in the corporate and private sectors.

Government procurement and the economics of innovation

Throughout most of the Cold War governments were convinced or possibly only pretended that military R&D was spearheading technological progress. Military R&D and the military industries, branded as the military-industrial complex, were lavishly funded as it was firmly believed that national defence and strategies in support of national competitiveness in global markets would be simultaneously achieved in this way. The argument was that only government money could cover the risks of radically innovative research[17]. A standard list of technologies, which were spun off from military products emerging in the context of the expensive arms competition during the Cold War, contained claims like computing (basically required to calculate nuclear reactions in the process of building nuclear weapons) and a number of synthetic materials. It was taken for granted that the military sector represented leading-edge technology, in spite of the fact that the actual status was difficult to evaluate objectively, since the sector was shielded by military secrecy and the quality of the equipment procured was never tested in a competitive market.

It came as a shock when towards the end of the Cold War two American research teams, one at Harvard University and the other at the then Office of Technology Assessment[18], concluded that the defence industrial base of the United States was actually heavily dependent on imported high-tech components developed and produced by civilian industries in Asia and Europe. More importantly, it had become evident that the technological superiority of western weapon systems was based on the breath-taking advances in information technology. This innovation was driven by huge civilian non-government markets for information technology[19], which were brought about by rapidly expanding non-military applications and the ensuing competition over shares in global markets[20]. As a result the insulated military-industrial complex was definitely not any longer spearheading technological innovation[21].

To the contrary weapon systems lagged behind, because the secretive military research establishment continued to develop its own customised electronic components and was overtaken by the progress of generic information technology spawned by demand from the civilian sector. Already in the early eighties the non-military innovation had clearly taken the lead, though it took some time until the military establishment was ready to acknowledge the changed reality, namely that the flow of innovation between military and civilian high-tech sectors had been reversed. The military contractors and the procurement bureaucracies had a mutual interest in continuing to shield the protected military procurement "market" from new entrants. But the famous "spin-off" like the iconic Teflon pan was definitely replaced by the indispensable spinning-in of civilian high-tech components into advanced weapon systems[22] of all kind.

Economically this meant that the established military-industrial complex lost its absolute control over procurement. Long timeframes, typical of military R&D, have come under pressure and finally the military manufacturers also face a diminishing share in the value added in production. Slowly at least some elements of market and competition have become part of the procurement process. In some cases even total newcomers successfully entered the market as most recently demonstrated by the manufacturer of the Predator, an UAV[23]. Piloted from an airbase in the United States the Predator flies frequent missions in Iraq and Afghanistan on the basis of electronic intelligence.

Government procurement, particularly in the field of national security, tends to be tightly regulated and prone to political influence. National security is a monopsonistic market where market forces are marginalised by non-economic regulations embedded in a political culture of exception, which characterises government decision making concerning national security. There is no mechanism to base decisions on an evaluation of price and performance. Most of the products are considered to be unique, they lack parameters, which would allow comparisons and gauge efficiency. Political and bureaucratic actors involved in national security procurement are not easily inclined to recognize a bad ratio between price and performance and cancel a contract, once procurement has started. Instead of cancelling underperforming projects they are more likely to be perfected by add-on purchases or simply expanded to cover up any deficiencies. This pattern of bureaucratic behaviour separates government contracts from efficient markets, particularly in the area of national security, because the customary secrecy in this domain easily facilitates a cover-up of mistakes or corruption. As military procurement in the United States and also in Europe currently testifies, even the disappearance of a defined mission does not end procurement[24].

This digression into the track record of military procurement should help to better understand the forces at work in the emerging market of homeland security, which includes border protection and the adoption of intrusive strategies by government agencies tempted to indiscriminately use biometric data under the umbrella of national security. We now turn to this new national security segment of government procurement of multiple, quite often redundant control technologies. Following 9-11 a new high-tech vision of absolute border control moved towards the top of the political agenda in the United States. The Pentagon has successfully moved to gain an increasing influence over the web of national intelligence at all levels[25].

The ‘security syndrome’, which formed the sheltered bureaucratic culture of the Pentagon over half-a-century successfully kept parliament and public scrutiny at a distance. As a result the Pentagon today remains one of the last vestiges of "Soviet" organisation, largely insulated from the pervasive dominance of market mechanisms as the overriding regulatory force. Following the 9-11 the ‘security syndrome’ was expanded to include large sectors of the federal bureaucracy, whose core was reorganised to form a single unit, the DHS. In terms of employees the HDS became the largest single bureaucracy. Though in terms of budget volume the DHS is dwarfed by the DoD (Department of Defense) roughly by a factor of 1:5. Still its task to produce ‘instant’ national security in times of the declared GWOT entitles the DHS to follow in the footsteps of the Pentagon and to shield its activities from the regulatory supervision by the democratic sovereign. This suggests that the procurement of "homeland security" equipment is not likely to be played out in transparent, competitive markets. A bureaucratic culture of secrecy inevitably tends to cultivate supplier relations privileging the incumbent.

Therefore the bureaucratic culture of the Department of Homeland Security is likely to establish opaque relations with its suppliers[26] similar to the Pentagon. Not surprisingly, big military industrial players like Lockheed and Northrop are buying up smaller companies specialising in biometrics among others, in order to gain a foothold in the homeland security market expected to expand following the pattern of military procurement[27]. The logic of the new homeland security design also means that other nations have to follow suit lest their citizens would be banned from travelling to the United States among others[28].

The leading industrial media groups soon after the creation of the Department of Homeland Security (DHS) introduced magazines and inserted "homeland security" sections in journals offering technological and industrial information concerning homeland security technologies in a similar fashion as they produce magazines and journals covering military procurement. The market leader MacGraw Hill launched a magazine in the format of its Aviation Week & Space Technology, the leading publication in the field of aviation and military procurement, called Homeland Security. Its main function appeared to have been to gauge and enhance the volumes of security technology potentially to be procured by governments and the US-government in particular aiming at securitizing their borders and responding to other imagined scares[29]. Maximising threat scenarios in the usual pattern of military-industrial journals, which "require" huge investments in the development of security technologies, constituted the main content of this journal. Typically the articles were hard to distinguish from promotional leaflets of suppliers. Surprisingly though the journal disappeared from the market in less than two years, even though the DHS and its budget continues to thrive.

We hypothesize that the publishers had miscalculated the market and the interest of potential suppliers to place expensive advertisements. Contrary to military technology the so-called homeland security technology is not "created" by government procurement. In modifications all the border control technologies were already in existence and extensively applied in the corporate sector to protect property, information and transactions. Additional markets are created by the need to rationalise and impersonalise (commodification) the protection of private property, such as gated communities, malls, private houses and public or corporate facilities, military installations, ware houses, sensitive buildings etc. Key components of the technology, including biometric devices, needed to implement comprehensive biometric controls of people when passing borders for example are available and in use in a wide variety of applications in the private corporate sector. The state is more of a late-comer in this field, possibly except for the extensive communal coverage with CCTV in Britain and parts of France. Many devices are mass-produced for diversified markets, others are at the brink of being mass-produced in fast expanding markets. Furthermore, the need to develop sophisticated equipment to screen air traffic (passengers and cargo) also clearly predates the new paranoia created by the declared war on terrorism and the ensuing homeland security paradigm. This entire sector was already served by industrial journals and magazines well before 9-11[30]. serious

Contrary to military equipment the procurement of security technologies by governments in the context of homeland security and border protection basically draws on relatively mature technologies[31]. The markets are rapidly expanding by constantly adding on new applications and show an increasing acceptance of biometric devices in daily routines. Thus, even in the narrow field of biometric devices governments are far from being the biggest customers, though admittedly single manufacturers consider government contracts as an important reference for the quality of their product.

However, the hype of national security and the secrecy taken for granted by the respective bureaucracy lead to contract procedures lacking the transparency necessary to let markets determine the procurement of the most appropriate product. Furthermore, the rhetoric of national security concerns imperatively favours top of the range technology, which tends to neutralise markets in determining the outcome. Demanding regulations give status and legitimacy to the DHS-bureaucracy and their equivalents in Europe allowing them to side-step open competitive bidding and to establish non-market contractor relationships. In this way the secretive national security bureaucracy gains leverage and opens the field for political manoeuvring in the process of contracting[32]. This helps to explain as to why some of the traditional defence suppliers were eager to acquire innovative biometric companies, in order to replicate their dominant position in military procurement also in the DHS-market. However, "baroque technologies" in analogy to Mary Kaldor’s indictment of overprized and inefficient military high-tech are not likely to emerge in the biometric homeland security market, because the markets are diversified, competition is intensive and the pace of innovation breathtakingly brisk.

The drawing board of military planners and product specifications formulated by the procurement bureaucracy mark genesis of a military system, government invites and funds the development. The economic risk for the potential supplier is small and virtually disappears once a point of no return is reached in the development of the design. Funds already committed and the likelihood of additional delays in case the developer/supplier should be changed determine the point of no return.

In the case of biometric systems the potential procurement bureaucracy can advertise tests of existing technologies in preparation of procurement decisions. In 2002 the so far most demanding and comprehensive test for biometric face recognition was organised by public authorities in the United States. Among the organising agencies were Defense Advanced Projects Agency, National Institute of Standards and Technology, the DoD Counterdrug Technology Development Program Office and the Naval Sea Systems Command. Ten systems were presented and tested for "large scale verification, identification and watch list performance" In all tests three suppliers, Cognitec, Identix, Eyematic, were far ahead of the rest. Fingerprint Vendor Technology Evaluation was commissioned by the Justice Management Division of Department of Justice in the Untied States. 18 manufacturers presented 34 fingerprint systems. NEC, Cogent and SAGEM came out ahead of the rest.(TeleTrust 2006, p.60f.)

Depending on the framing of the problem it is arguable whether the private sector or the government is in the end the more demanding customer. Taking price and ultimate performance into account the private sector is definitely more demanding, but also more pragmatic. While the government appears often to be more demanding because of its tendency to introduce rigid regulations and formulating tough customised targets, like little or no tolerance with respect to FAR (false acceptance rate) in the case of biometric devices.

But undeniably it is a functioning market, which drives the pace of innovation and a steady reduction of prices as time monopolies are inexorably eliminated by the next wave of generic innovation[33]. In this respect the security market including the biometric segment operates along the pattern of the computer industry, with the possible exception of DHS and similar agencies. They may continue attempting to impose the manufacture of customised systems in close cooperation with a general contractor replicating the military procurement culture. But the rapid pace of innovation generated by the non-government demand for the same or similar products will eventually impose a more market-oriented procurement decisions by the DHS. The following table juxtaposes typical features of military and biometric markets.

Main characteristics of military industries and biometric industries

  Military Industries Biometric Industries
Producers predominantly large corporations, two or three, sometimes only one supplier per product line, state influence large numbers of small start-up companies or branches of large diversified corporations, which were often small innovating companies before acquisition
Markets argely monopsonistic, key players control specific market segments, mostly closed national markets competitive, many new market entrants, slow consolidation, however financial investors (L1 i.e.) have entered the sector more open markets, global competition in the case of components
Marketing entrenched political networking, employment of high-ranking military and bureaucrats, corruption(export) normal lobbying and PR, importance of prestigious reference customers,
Research & development extremely long development cycles determined by demanding military specifications, "technology driven" governments finance a large share of r & d costs rapid innovation spurred by the permanent threat of new entrants, "market driven", private risk capital subscribes costs, only limited government credits
Basic characteristics of the technology customized, little dual use potential, long product cycles often 10 up to 20 years, 40 years in airlift equipment, maintenance and upgrading increasingly controlled by the contractor generic, diversified applications, short product cycles between one and three years, rarely longer maintenance included in contract, often leasing contracts
Production strong vertical integration (high share of value added) experienced workforce, expensive single purpose capital goods horizontal production (flexible upstream sourcing) more system integration than physical production top of the range software engineers are crucial
Security absolute isolation, prohibition to share information with the scientific community main concern: protection of proprietary knowledge, open sourcing and sharing indispensable for successful marketing

A new bureaucratic-industrial complex?

There is little empirical evidence provided in liberal advocacy studies (International Campaign 2005; Hayes 2006) backing up the parallel drawn between the military-industrial complex and the security-industrial complex (Hayes 2006) or the corporate security complex (International Campaign 2005). Both studies use extensive quotes from president Eisenhower’s famous warning in his farewell address that the political power of the military-industrial complex, which was about to mature at the time, posed a threat to the functioning of democratic governance. But neither study attempts to provide valid quantitative data or to elaborate structural similarities between the two complexes, which would justify the asserted analogy. The authors of International Campaign contend: Billions of dollars, euros, and other currencies fuel the corporate security complex.(p.35) For the United States an estimate of $ 115 billion is given for 2003 alone. "The estimated allocations up to 2010 are $ 130 to $180 billion a year." (p.36) The source for this assessment given is a Wall Street Journal article dated November 25, 2002[34].

The volume of the known contracts for biometric documents, data research, and other control devices are not compatible with the $115 billion estimate. Most contracts have a volume in the single digit millions range. Hayes is shy of quantifying the complex he believes to have identified. Both studies warn of governments creating infrastructures permitting total control[35] in the end. With respect to the ongoing biometric registration and mass surveillance Agamben is approvingly quoted: "There has been an attempt the last few years to convince us to accept as the humane and normal dimensions of our existence, practices of control that had always been properly considered inhumane and exceptional."(International Campaign 2005, p.39)

The assumption that we witness the formation of a security-industrial complex, which is portrayed by the quoted liberal advocacy groups as an extension and transformation of the military-industrial complex is at least not borne out by the structure of the biometric market and dynamic business models in this sector. The ideal type of a successful company in the emerging biometric markets is a virtual company which integrates hardware and software components available in the global market as a result of mass production. The Danish company RFIDsee is paradigmatic for this industry and the difference between the military-industrial complex and the assumed security-industrial complex.

"The RFIDsec business model has been structured to form a Networked Business organization based on extensive sourcing from best-of-the-breed partners in R & D, production, sales, and marketing."[36] Even SagemMorpho Inc., the absolute market leader in fingerprint technology and part of the French dual-use industrial behemoth Safran, a recent merger of Snecma and Sagem, explains at its website: Recognizing that the evolving biometric security market demands the flexibility and reliability of multiple-biometric solutions, SagemMorpho has joined with non-fingerprint biometric vendors to develop multimodal solutions that multiply the effectiveness of identification technology. In the old days "multimodal solutions" would have been developed in-house.

The mass production character of the components forming a biometric control device implies that the technology is cheap as opposed to traditional military high-tech products. An RFID chip, the basic technology used to integrate biometric data of a passport holder like digital photo of the face and the respective algorithmic expression, algorithmic identity of fingerprints or iris is said to cost about 15 cent of a dollar (Birchall 2006). The reason behind this trend to drive the prices down is the fact that WalMart, Tesco and Metro have begun to impose upon their suppliers to mark their deliveries with RFIDs instead of the traditional barcodes. Even assuming that the RFID for passport will fetch a much higher price, biometric passports and the adjoining control devices will be no financial match for an average military contracts.

But apart from these obvious differences, which will be dealt with in a separate section on the structure of the two markets, it should be noted that the budget figures cited are most likely mistakenly labelling the entire budget of the DHS in the United States as forming part of the assumed security industrial complex. However the DHS is a bureaucratic amalgam of a wide range of government bureaucracies with established demand profiles[37]. The latter are not likely to change as a result of president Bush’s decision to create this bureaucratic behemoth. Thus, only a rather small proportion of the above 100 billion US-dollars budget of the DHS is disposable to underwrite the alleged new security-industrial complex. Moreover in most other industrial countries a bureaucratic consolidation of security-relevant government branches a la United States into a single ministry has not materialised. The underlying ceteris paribus argument based on US-data is contradicted by a more careful approach towards the current security challenges in many European countries. For the time being we conclude that there is little evidence that a security industrial complex is in the making. In the section on government procurement and innovation we have identified the distinct characteristics of the military industry on the one hand and the new security industries like biometrics[38] on the other and shown that the political nature of government-industry relations bears few, if any similarities.

Preliminary conclusion and implications for research on biometry in Challenge

Several developments suggest that the current opposition and some of its arguments used against the apparent invasion of biometric control measures being currently instituted by governments are likely to lose currency. On the economic front the costs governments have to shoulder for aggressive and intrusive security technologies will not be a critical hurdle. Cost considerations will not have a major impact on the political debate of how much is enough and what is too much. Current trends clearly point in the direction that the costs are likely to shrink and will not increase as the projection of past experiences with government procurement in the field of security would suggest. A vibrant and increasingly global corporate security market for sophisticated biometric control technologies drives rapid product innovation forward and prices down. Most importantly the sums involved are a fraction of what single fighter aircraft or naval ships require.

Another persistent development suggests that people are progressively more exposed in their daily routine to a pervasive application[39] of the very technologies the state is intent to apply in controlling borders. Due to the emerging "Veralltäglichung" of biometric control the collection of this intrusive data in pursuit of "homeland security" is likely to be tolerated more easily by the large majority of citizens and will therefore be with little trouble legitimized in the political arena as long as it is innocuously packaged.

A closer look at procurement required to translate the vision of securitized national borders by large scale application of biometric technologies into reality reveals structural differences between military and this border control technology. The political economy of the military sector will not be replicated in the emerging "home security" market. The dual-use character of the technologies limits the leverage procurement bureaucracies over the market as non-government demand is likely to be more important for the suppliers. The stranglehold certain arms manufacturers in conjunction with entrenched political lobbies hold over billions of annual military procurement is not likely to extend into the market of biometric technologies, in spite of the fact that some big military players acquired small producers of biometric systems. The demand-driven innovation cycles are too transparent as to let incumbent suppliers fend off new entrants (with superior products) with the tacit consent of the bureaucracy as still is the case with weapon systems.

Contrary to the military domain the procurement bureaucracy cannot manage the technologies it acquires by stamping them "secret". At the technical level there can be no secrecy. The software architecture used is in the public domain[40] and governments will most likely be forced to outsource the servicing and updating to the private sector[41], because it is unrealistic to generate and keep up-to date the necessary know-how within the ranks of government bureaucracies. The downside of this situation is that the barrier against unlawful access to governmental data bases and biometric data generation is structurally vulnerable.

Conceptualising a strategy to halt the evolution of an authoritarian intrusive state, which neglects basic conditions of liberty under the pretence to fight terrorism, is not likely to succeed by simply refusing governmental controls based on technologies citizens are confronted with in their daily routine. Tackling the issue requires a wider perspective. It is necessary to identify the concrete applications of biometric devices, which either constitute misuse or lead to unwarranted aggregated information, which, if stolen or used illegally, will produce disproportionate harm. It is useful to sketch the societal scenario, in which political strategies to protect the liberal state and individual rights must operate and hopefully produce results.

The most ambiguous aspect of current trends is undoubtedly that biometric control technologies are about to become devices of convenience in daily routines, amenities like access to the flat, refrigerator, TV etc. one will eventually not want to miss. In addition, one cannot simply refuse to use them, because the acceptance to use them is likely to become a precondition of being employed, as multiple access controls at the workplace will be based on biometric identification[42]. Thus, fingerprint or iris control and eventually face recognition will sooner or later command many, often welcomed functions in the private sphere as well as at the workplace. The integration of biometric data in official documents other than passports like driving licenses, which are configured as smart cards, is in full swing. A small German company[43] provides a number of states in Brazil with smart cards, which serve as driving licences. They carry the compressed biometric data of the bearer and the police is supplied with simple handheld reading devices (of the fingerprint in this case) and can instantly control the identity of the bearer.

States affected by widespread corruption, by high levels of fraud, and elevated economic criminality are possibly more likely to take the lead in applying biometric controls on large scales than the EU for example. It defies imagination what use of the biometric control potential the racist Nazi-regime would have made, had it been available. But the potential value of functionally stealth, intrusive controls, based on biometric instruments like face recognition for today’s dictatorships or incumbent "democratic" elites wanting to stay in power by intrusive manipulation rather than visible police action is only too obvious.

Based on the information we collected so far, we hypothesize that the evolution of the biometric industry will be driven by a fast expanding demand within the private sector ranging from corporate security concerns to personal household access devices. It is safe to assume that security and social control devices will mainly rely on biometrical parameters, because of the unmatched safety biometry offers. The error rates (FRR, FAR), often cited as proof of the unacceptable unreliability of controls based on biometric parameters, will be rapidly overcome by the development of systems using multiple biometric parameters. For example, in combination with RFID biometric identification Smart Cards have the potential to dramatically transform hospitals and similar institutions in a few years time by providing instant comprehensive information awareness. Profound worrying changes in social transactions are in the offing, if biometric parameters are merged with vast quantities of information. We assume that cost reduction, increase of efficiency etc. will silence most objections against an ever deeper information awareness by governmental and corporate agencies.

We have already mentioned, the first generation of personal computers is being marketed, where the user can program his own fingerprint as an access control[44]. Though such applications of everyday control technologies based on biometrical parameters are not yet widespread and come with a price, it is safe to assume that it will rapidly become a mass market and as a result such devices will be cheap. This trend will be perceived as offering convenience and "absolute" safety compared to current control technologies, which can be stolen or lost, thereby creating inconveniences.

The most likely scenario will be societies, which organise their daily life, in particular the separation of the private sphere from publicly accessible spaces, on the basis of easy-to-use biometrical control devices. Corporate and social supervision as well as control will be further advanced by a wide-spread, often enforced application of RFID tagging allowing remote instant control. In the case of car safety RFID the signal is strong enough to be collected via satellite[45]. As control technologies are penetrating the daily routine at the threshold separating private domains from the public space, it becomes ever more difficult to energize a political debate aiming at limiting the intrusive strategies of the state using biometrical control devices justified by the pretension to "produce security". We have come to believe in the course of studying the industrial dimension of biometry that it will be difficult to find a political majority denying the state the use of control and exclusion technologies, which at the same time form part of their daily routine. These biometric technologies are likely to be perceived as amenities in the organisation of daily routines, in particular convenient access and safe control etc. rather than a threat.

For people to insist on a passport not carrying biometric data or exclude any use other than individual identification requires an offensive debate on how to effectively limit the reach of the state. Unproven claims that perfecting border control by biometric technology provides better security are the starting argument to a process of potential self-sustaining misuse dynamics of biometric data bases. Organising a democratic society presupposes a liberal consensus that trust rather than fear is the fundamental building block of a liberal democracy. Trust bears inevitably the risk of betrayal. But the greater danger is the devastating dimension of the latent risk that biometric data bases collected by the state for seemingly benign purposes are misused.

This text argues that economic interest is unlikely to exert significant pressure on governments to speed and expand the introduction of biometric devices to control borders. There is no reason to assume that the lobbying on behalf of the biometric industry exceeds normal salesmanship, when it comes to win procurement contracts. To the contrary, as a recent hearing in British parliament testifies, the government agencies manoeuvre as absolutely sovereign customers in a diversified market[46]. We also argue that the government is neither a precursor nor likely to become the dominant customer in the sector. From this we draw the conclusion that the current debate on the inherent danger of biometry is overly state-focussed and does not pay sufficient attention to the infringement of individual rights by the largely uncontrolled application of biometric control devices in the private sphere, particularly in the corporate sector, and the potential interaction between the corporate sector and government agencies.

National borders are just one set of social borders. It is often argued that other more or less, mostly privately, policed social borders are multiplying. The latter often separate and create social apartheid as sharply or even sharper than national borders. What happens in the corporate sector is hidden in the fog of the entitlements private property and entrepreneurial freedom are legally endowed with. It is therefore even more difficult than in the case of secretive governments to arrive at comprehensive, reliable information concerning the use of biometric control technology. Thus, new research designs are urgently required to shed light on these wider questions.

Since biometric technology will not be disinvented, but most likely be rapidly perfected, political strategies to engulf the misuse of biometric data are not helped by focusing on current levels of malfunctioning, because they will be but a transitory phenomenon. The recording of a person’s biometric data and the algorithmic transformation in digitalised identity is a neutral process. Liberty and the rule of law can come under attack only at the level of systemic integration of data sets. In other words, the danger zone is not so much the biometric control device as such, but the software, which organises, stores, retrieves, and fuses the data, constitutes the danger zone, where any misuse originates. Several processes can lead to misuses of stored biometric data.
- The state changes the rules to make use of the technically feasible, neglecting the principle of proportionality in the process.
- The state breaks openly, as an emergency measure, or covertly its own laws and unlawfully harvests incriminating information by fusing different data sets.
- The state does not properly protect the collected data. It might be stolen or transferred to another state in exchange.
- Since software servicing is typically an outsourced activity[47], data can easily be appropriated in the process. The dangers are inherent, since such data in wrong hands may not only cause harm, it also has a considerable (black or criminal) market value[48].
- The state and the corporate sector conspire and swap data sets.

This list is far from complete, but it urgently suggests a frugal approach towards demands to create data bases containing biometric data among others. The political debate and research must address questions like the co-variation of social trust and security and the futility of maximising security on the basis ever tighter controls. Merely technical interventions will not be able to harness the innate dangers of the global modernisation process and the proliferation of instruments of "instant awareness". It is in the interest of many political actors and agencies to foster a climate of fear and use these instruments. Social cohesion as a fundamental condition of a stable liberal democracy is lost out of sight. As a result the historical evidence that functioning liberal democracies provide the safest form of social organisation is not any longer contemplated in political discourses, instead high-tech commodification of security without serious evaluation of its efficiency dominates the debates.

Neither the technology nor the sprawling data bases, which even insinuate fantasies of "total awareness" in the supremacist circles of the Pentagon among others, can realistically be forced back into the bottle. So what is to be done to defend the liberal state? Merely stopping the leaks will not stabilise the situation. Instead it seems pertinent to completely rethink security, secrecy, and the relationship between citizen and state.

Postscript

Researching the economic dimension of biometry in the production of security did not encourage an optimistic view of the course of events. We concluded that radical measures are needed to stop the current course. A bold sketch of such a rethink might start like this: The massive failure of the sprawling intelligence bureaucracies to identify imminent security risks is increasingly attributed to unwarranted secrecy in the way they operate. This structural weakness[49] of the ballooning "intelligence and security industry" possibly offers an entry point to totally change the paradigm of the way societies can produce security. To begin with, security presupposes mutual confidence between citizen and state. In the age of increasing "total information awareness" in the secretive hands of states and private actors the information asymmetry between these actors and the citizen is not compatible with a climate of trust. Hence the current security architecture cannot live up to the promised claims and is more likely to produce additional[50] risks by fomenting distrust.

The only solution to this dilemma is a radical paradigmatic change. The citizen must win full entitlement to democratically supervise all data collected, including the analytical use of the data. If there is little or even counterproductive functional value in secrecy[51], then a reversal of the way particularly government agencies pretend to produce security is urgently warranted. Fuller transparency of intelligence and entitlement to full access to stored personal data would be a starting point. And changing the philosophy of security production[52] would also bring the use of biometric data under the control of democratic and transparent supervision.

References (selection)

Amberg, Fischer, Rößler, Biometrische Verfahren (2003).

Amberg, Michael/Fischer, Sonja/Rößler, Jessica (2003): Biometrische Verfahren. Studie zum State of the Art: http://www.wi3.uni-erlangen.de:1901/forschung/Biometrie_StateOfTheArt/Biometrie.pdf

Armstrong, Illena (2003) Biometrics. Finding a Niche at Last, in SC Magazine 1 May 2003: http://scmagazine.com/asia/news/article/419620/biometrics-finding-niche-last

BBC (2005) ID trials reveal scan problems (25 May 2005): http://news.bbc.co.uk/1/hi/uk_politics/4580447.stm

Birchall, Jonathan, Wal-Mart pushes on with product ID tags, in: Financial Times 22.02.2007, p.21.

Bonditti, Philippe, Technologisation de la frontière: vers un état de peste généralisé, Chantiers politiques, No.2, 10..2004.

BITCOM, Zukunft digitale Wirtschaft, Berlin 2007.Bundesamt für Sicherheit in der Informationstechnik (2005): Untersuchung der Leistungsfähigkeit von biometrischen Identifikationssystemen - BioP II. Öffentlicher Abschlussbericht: http://www.bsi.de/literat/studien/biop/biopabschluss2.pdf

Boxell, James, Man of arms investigates bold new areas of combat, Lockheed Martin’s chief executive tells James Boxell that its interests, like the nature of security, are steadily evolving, in: Financial Times 12.03.2007, p.10.

Bundesamt für Sicherheit in der Informationstechnik Sektion Biometrie http://www.bsi.bund.de

Chang, John (n.d.): Biometrics Industry Report: An Interview with John Chang, Allied Business Intelligence: http://www.findbiometrics.com/Pages/feature%20articles/john_chang.html

Civitas Group, The Homland Security Market, Essential Dynamics and Trends,.November 2006.

Deutscher Bundestag (2005): Biometrische Daten in Ausweispapieren. Antwort der Bundesregierung auf eine Kleine Anfrage, Drucksache 15/4616, 04.01.2005: http://dip.bundestag.de/btd/15/046/1504616.pdf

Dittmann, Jana; Claus Vielhauer, Jan Hansen eds., New Advances in Multimedia Security, Biometrics, Watermarking and Cultural Aspects, Berlin (Logos) 2006.

Doyle, John M., Niche No More, Report: homeland security market still growing, threats persisting, in: Aviation Week & Space Technology, January 8, 2007, p.30.

Frost & Sullivan, World Biometric Markets, (2004).

Hayes, Ben, Arming Big Brother, The EU’s Security Research Programme, Amsterdam (TNI), 2006.

Hughes, David, Sending Out for IT, U.S. government spending on info tech outsourcing is forecast to expand for another five year, in: Aviation Week&Space Technology, January 23, 2006, p.53.

ICAO, MRTD, Vol.1, No.1 ‘Optimizing Security and Efficiency through enhanced ID Technology’, Montréal 2006.

International Biometric Group (2006): Press Release. Biometrics Market and Industry Report 2006-2010: http://www.biometricgroup.com/press_releases/pr_2006_BMIR_2010.html

International Biometric Group (2007): Purchasing Information. Biometrics Market and Industry Report 2007-2012: http://www.biometricgroup.com/reports/public/market_report.html

International Campaign Against Mass Surveillance, The Emergence of a Global Infrastructure for Mass Registration and Surveillance, TNI (Amsterdam) April 2005.

Lehman Brothers, Security Annual 2006, released January 2007, sold by Sandra Jones and Company.

Leigh Brown, Patricia (2007), In an Enclave of Serious Wine Lovers, a Mesmerising Theft, New York Times 02.02.2007.

Lock, Peter, Ein Indikator für globale Veränderungen: Privatisierung von Sicherheit - Eine Herausforderung für Friedensforschung, in: Martin Grundmann, Hartwig Hummel Hg., Militär und Politik Ende der Eindeutigkeiten? Zum Wandel institutionalisierter Gewalt, Jahrbuch der AFK Bd. 25, Baden Baden (Nomos) 1998, S.178-201.

Lay, Bill, Charles Beard, The Development Clock is Ticking For Defense Contractors, in: Aviation Week & Space Technology, February 13, 2006, p.70.

Lodge, Juliet (2006): Trends in Biometrics. Briefing Paper: http://www.libertysecurity.org/article1191.html

Lodge, Juliet, Communicating (in)Security: A Failure of Public Diplomacy, Challenge Research Paper No.3, November 2006.

Nitschke, Wolgang, Mulitbioemtrie öffnet Hochsicherheitstrakt, (URL: http://dradio.de/dlf/sendungen/forschak/600117, accessed 01.03.2007)

Nolde, Veronica, Lothar Leger, Biometrische Verfahren, Körpermerkmale als Passwort, Grundlagen, Sicherheit und Einsatzgebiete biometrischer Identifikation, Köln (Fachverlag Deutscher Wirtschaftsdienst) 2002.

OECD/TEP, Technology and the Economy, The Key Relationships, Paris 1992.

Okereke, Chima (2003): The Global Biometrics Market: http://www.bccresearch.com/ift/IFT042A.asp

Parnitzke, Christian (2006), Körpermerkmale als Schlüssel, in: technologie & management no.7/8 2006 pp.20-22.

Petermann, Thomas/Scherz, Constanze/Sauter, Arnold (2003): Biometrie und Ausweisdokumente. Leistungsfähigkeit, politische Rahmenbedingungen, rechtliche Ausgestaltung. Zweite Sachstandsbericht (TAB Büro für Technologiefolgen-Abschätzung beim Deutschen Bundestag: http://www.tab.fzk.de/de/projekt/zusammenfassung/ab93.pdf

Rötzer, Florian (2005): Was wird ein biometrischer Ausweis kosten?, 01.06.2005: http://www.heise.de/tp/r4/artikel/20/20200/1.html

Serfati, Claude ed., Government-company relationsships in the arms industry - Between change and stability, Luxemburg, EU COST Action 10, 2000.

Schaar, Peter (Hrsg.): Biometrie und Datenschutz - Der vermessene Mensch. Tagungsband zum Symposium des Bundesbeauftragten für den Datenschutz und die Informationsfreiheit am 27. Juni 2006 in Berlin, Bonn 2006

Schmitz, Patrice-Emmanuel/Huijgens, Ronald/Flammang, Marc (2007): Biometrics in Europe. Trend Report 2007: http://www.europeanbiometrics.info/images/resources/121_58_file.pdf

Felix Stadler, Privacy is not the antidote to surveillance, in: Surveillance & Security, Vol.1, No.1 pp.120-124.

Taylor, Paul (2007), Vista makes a pretty sight, in: Financial Times 09.02.2007 p.9.

Teletrust Deutschland e.V., Kriterienkatalog Bewertungskriterien zur Vergleichbarkeit biometrischer Verfahren, Berlin 18.08.2006.

Thomson, Clive, Open-Source Spying, New York Times Magazine, 03.12.2006. (http://www.nytimes.com/2006/12/03/magazine/03/intelligence.html?th=&emc=th&pa)

Tutle, Richard, Intelligence Transformation, in: Aviation Week & Space Technology, Feb.27, 2006, p.60.

Appendix I

The biometric industry by countries - World[53]

The following lists of companies identified in a variety of sources as producing biometric technologies must be put in perspective. "According to leading biometric consultants, the International Biometric Group (IBG), global biometric industry revenue in 2005 was approximately $1.5 billion,..." (Lehman Brothers 2007, p.114). This sum comprises the following submarkets: fingerprint $429m; AFIS(automated fingerprint identification systems) $609m; facial recognition $157m; hand geometry $75m; middleware $139; iris recognition $82m; voice recognition $55; signature verification$18m.

Company Products Number of employees Turnover (latest year) R & D Remarks
Keyware CCTV among others[54] 78 € 10.7 million (2005)   Belgium
Veridicom finger       Canada
Visiphor Corporation face 65     Canada
ComnetiX finger   $ 12.4 million (2006)   Canada, acquired by L-1 in 2007
Bioscrypt finger (, face) access control, IT security   $ 17.6 million (2006)   Canada, acquisition of Cognizance in 2005, of A4Vision in 2007
Imagis Technologies face       Canada, cf. Visiphor
VisionSphere Technologies face       Canada, last update of homepage in 2003
ANVIZ Biometric finger     20 software developers China
ZK Software finger 400-450 $ 1-2 million (20xx)   China
RFIDsec RFID       Denmark
CDVI group access control and locking industry, only partly biometrics 240 € 38 million (2005) 20 % of employees France
Innovatrics finger       France
Thales Security Systems finger       France
Atmel Greboble finger   $ 114.6 million (2005)   France, part of Atmel Corp. (USA), sold to e2v technologies (UK) in July 2006 for $ 140 million, but retaining rights for finger print technology by Atmel
Axis Software finger, vein       India
IQS Identity Quality Systems finger       Israel
WonderNet signature       Israel
Biometrika finger       Italy
Green Bit finger 25 € 4.4 million (2005), € 1.5 million (2004) 14 employees Italy
NEC AFIS 154,000 $ 41 billion   Japan, among the market leaders in this segment

biometric applications
Panasonic   335,000 $ 76 billion (2006)   Japan, biometric applications (iris)
Suprema finger       Korea
LG Electronics   64,000 $ 16.9 billion (20xx)   Korea, biometric applications (iris)
Neurotechnologija finger       Lithuania
FACE Technologies face       South Africa
Biometrics.co.za finger cf. Sequiam     South Africa, wholly owned by Sequiam Biometrics (USA)
Precise Biometrics finger 49 SEK 7 million (2006)   Sweden, among the market leaders in integrated products
BioMet 3D finger geometry       Switzerland
STARTEK Engineering finger       Taiwan
AdiTech iris       UK
TSSI finger       UK, acquired by a management venture for £3.3 million in 2005
Advantage Systems Solutions   150     UK, consulting & software solutions
Autonomy Corporation video surveillance, minor biometrics 1000 $ 250 million (2006)

$ 96 million (2005)
$ 21.9 million (2005) UK, infrastructure software, meaning-based computing, acquisition of Virage in 2003
AURORA COMPUTER SERVICES face       UK, software development
3VR Security face       USA
AcSys Biometrics face       USA, forth in face recognition
Alive Tech 3D face       USA
Animetrics 3D face       USA
AuthenTec finger 100     USA
BIO-key finger 100 $ 15.2 million (2006), thereof $ 0.5 million in biometrics   USA
Biometric Access Company finger 35     USA
Cogent Systems finger   $ 101.7 million (2006)

$ 159.9 million (2005)
  USA, among the market leaders, strong in law enforcement devices
Communication Intelligence Corporation eSignature, handwriting   $ 7.3 million (2004)   USA
DAON finger       USA
DigitalPersona finger       USA
Fujitsu Microelectronics America finger       USA
identiMetrics finger       USA
IDTECK finger, face       USA
ImageWare Systems finger, face, iris 93 full time $ 9.5 million (2005)   USA
Liska Biometry finger       USA
M2SYS finger       USA
NextgenID finger, face "small"     USA
Privaris finger       USA
Probaris finger       USA
SAFLINK Corporation finger   $ 7.1 million (2005)   USA
Sagem Morpho[55] finger, iris, face 234 (2006)     USA, AFIS, among the market leaders 48%
Sensory speech       USA
Sequiam Corporation finger 80 $ 1,699,000 (2006)

$ 626,000 (2005)
  USA
AFIX Technologies finger       USA, 2005 acquired by L-1
A4Vision face       USA, 2007 acquired by Bioscrypt, among the market leaders in integrated products
Geometrix 3D face       USA, acquired by Alive Tech in 2006
Viisage Technology face       USA, acquired by L-1
Identix finger, face       USA, acquired by L-1 in 2006
SecuriMetrics         USA, acquired by Viisage, later acquired by L-1

Specialist in portable systems
Iridian Technologies iris       USA, acquired by Viisage, later L-1, struck alliance with Sagem Morpho Inc

Iris + AFIS
CrossMatch finger, hand, face       USA, acquired Smiths Heimann Biometrics (SHB) in 2005 and C-VIS in 2006 (both German) , among the market leaders in integrated products
L-1 Identity Solutions finger, face , iris   $ 164.4 million (2006)   USA, acquisition of Viisage, Integrated Biometrics Technology, SecuriMetrics, Iridian Technologies, Identix, SpecTal, ComnetiX in 2005-2007, among the market leaders in integrated products, venture initiated by financial investors
Atmel Corporation   8,000 incl. a network of representatives and distributors in 60 countries $ 1.7 billion (2006)   USA, biometric applications (fingerprint), cf. Atmel Grenoble (France)
Printrak International now subsidiary de Motorola Inc.         USA, in 2000 acquired by Motorola for $ 160 million
Accu-Time Systems (ATS) finger, hand       USA, management of the working world
Datastrip finger       USA, manufacturer of hardware
Acroprint finger, hand       USA, time attendance
CMI (Control Module Inc.) finger, hand       USA, workforce management
GHG Corporation finger >300     USA, workforce management, cooperation with Control Module Inc. (CMI)
Tata AFIS       India

Map Biometry in Germany 2006[56]

General description: More than 70 companies have registered with the industrial association BITKOM[57] as being involved in the biometric sector. However only about half of them qualify as producers of some kind. Since the German biometric industry is classified by the Lehman Brothers (2007) report as very advanced and important, we reproduce the BITKOM-list at the end of this table. We assume the composition of the German sector reflects the general structure (products, R & D, production, marketing) of the biometric industry.

Company Products Number of employees Turnover (latest year) R & D Remarks
ABS Gesellschaft für Automatisierung, Bildverarbeitung und Software   15 (2003) € 0.9 million (2002)   Germany, biometric applications (voice)
ASTRO Datensysteme finger, face, voice 70 (2003) € 80 million (2002)   Germany
Cognitec face       Germany, a world leader in facial recognition, joint venture with Siemens (Klagenfurt/Austria) in 2006.
Cherry GmbH keyboards   DM 361 million (2000)   Germany, biometric applications (fingerprint)
Bosch Security Systems CCTV, voice, face, iris 7800 worldwide, but <90% fire alarm, burglary alarm and other non-biometric security systems € 1bn

biometrics not specified
  Acquired Detection Systems in 2000, Phillips CCTV assets in 2002; TeleCommunication (US) in 2006, Telealarm(Suisse) in 2006.
DERMALOG Identification Systems finger 50 (2006) € 10 million (2005)   Germany, strong in export of fingerprint control systems,
Smiths Heimann Biometrics finger, hand ca. 100 (2005)
85 (2004)
    Germany, acquired by CrossMatch (USA) in 2005
SOFTPRO signature 60 (2006) € 9 million (2005)   Germany
ID Solutions (ID) face       USA

APPENDIX II

Index of companies A -Z[58]

Key Products: C =consulting; P = producer; I = system integrator; U = user; M = sale, marketing;

X = entire range; a = finger; b = hand; c = face; d = iris; e = language, lips; f = typing; g = signature

Company Product/Service Rang Website
1. @bc - Arendt Business Consulting C,U x http://www.atbc.de
2. ABS Applied Biometric Systems GmbH P a http://www.biometricsys.de
3. acem systeme / Ing. -Büro C, I a http://www.acem.de
4. Baltus René C,H fg http://www.hesy.de
5. B&L Management Consulting GmbH C x http://www.bulmc.de
6. Bergdata Biometrics GmbH C,P,I ae http://www.bergdata.com
7 .Biometrics Solutions AG P,I a http://www.biometric-solutions.de
8. Biometronix GmbH C,P,I,U ac http://www.biometronix.com
9. Bosch Sicherheitssysteme GmbH C,P,I,U acd http://www.bosch-sicherheitssysteme.de
10. Bromba GmbH C,P,M x http://www.bromba.com
11. Bundesdruckerei GmbH C,I ac http://www.bundesdruckerei.de
12. Byometric Systems AG C,PI,U acd http://www.byometric.com
13. Cherry GmbH P a http://www.cherry.de
14. Cognitec Systems GmbH P c http://www.cognitec.com
15. Controlware GmbH C,I cf http://www.controlware.de
16. C-VIS Computer Vision GmbH P c http://www.c-vis.com
17. Dermalog Identification Systems GmbH P,I a http://www.dermalog.de
18. Deutscher Sparkassen Verlag GmbH U ace http://www.dsv-gruppe.de
19. Dr. Dax, Freyberger, Küster C x http://www.dfk-bonn.de
20. Dr. Fehr GmbH I aeg http://www.4trust.de
21. EDS Deutschland GmbH C,I,U ab http://www.eds.de
22. ekey biometric systems Deutschland C,P,I,U a http://www.ekey.net
23. Electrade GmbH C,P g http://www.electrade.com
24. Flughafen Düsseldorf GmbH I,U a http://www.dusint.de
25. Fujitsu Deutschland GmbH P,I b http://www.fujitsu.de
26. Gemplus GmbH P,I a http://www.gemplus.com
27. Giesecke & Devrient GmbH C,P,I acd http://www.gdm.de
28. Hitachi High-Technologies Europe GmbH C a http://www.hht-digi.com
29. IABG GmbH C x http://www.iabg.de
30. ibi research Uni Regensburg gGmbH C,P f http://www.psylock.de
31. IBM Deutschland GmbH C,I,U acd http://www.ibm.com
32. IDENCOM Germany GmbH P,I a http://www.idencom.com
33. IKENDI Sof tware AG P,I a http://www.ikendi.com
34. Infineon Technologies AG C,P,I x http://www.infineon.com
35. Interflex Datensysteme GmbH & Co.KG P,I abc http://www.interflex.de
36. iSM-Freies Inst.f. System-Management I a http://www.secu-sys.de
37. IT Advisory Group AG C x http://www.it-advisory.com
38. it-werke C,P,I,U a http://www.it-werke.com
39. Key Source International, Europe P a http://www.ksikeyboards.de
40. MARANG GmbH C,I a http://www.marang-gmbh.de
41. Microsoft Deutschland GmbH P x http://www.microsoft.com
42. NEC Deutschland GmbH P abc http://www.de.nec.de
43. Panasonic Deutschland GmbH P d http://www.panasonic.de
44. primion Technology AG P,I,M a http://www.primion.de
45. PCS Systemtechnik GmbH P,I,U ac http://www.pcs.com
46. Real time AG C,P,I,M a http://www.realtimegroup.de
47. Sagem SA P,I acd http://www.sagem.com
48. Secorvo Security Consulting GmbH C,I x http://www.secorvo.de
49. secunet SecurityNetworks AG C,I,U x http://www.secunet.com
50. Siemens AG Programm-und Systementw. C,P,I a http://www.siemensidcenter.com
51. Siemens Building Technologies GmbH C,PI,U ac http://www.de.sbt.siemens.com
52. Siemens Gebäudesicherheit GmbH & Co. C,P,I ac http://www.sibt.com
53. Siemens AG Programm- und Systement: C,P,I a http://www.siemensidcenter.com
54. Signature Perfect KG C,P,I,U g http://www.signature-perfect.com
55. signotec GmbH C,P,I,M g http://www.signotec.de
56. SimonsVoss Technologies AG H a http://www.simons-voss.de
57. SiVisions GmbH P c http://www.sivisions.de
58. SIZ GmbH C x http://www.SIZ.de
59. Smiths Heimann Biometrics GmbH  P a http://www.shb-jena.com
60. SOFTPRO Software Professional P g http://www.softpro.de
61. SRC Security GmbH C x http://www.src-gmbh.de
62. Steinbeis Transferzentrum für Biometrie & Identifikationslösungen C x http://www.stz-bil.net
63. takeID GbmH C,P,I acd http://www.takeid.com
64. Tel indus GmbH C,I,U acd http://www.telindus.de
65. TST Deutschland Vert r iebs GmbH P a http://www.tstgroup.biz
66. T-Systems, ITC-Security C,I,U x http://www.t-systems.com
67. TÜV Informationstechnik GmbH C x http://www.tuvit.de
68. Utimaco Safeware AG I a http://www.utimaco.de
69. Viis age Technology AG C,P,I c http://www.viisage.com
70. Vistas GmbH C,M,I a http://www.vistas-gmbh.de
71. VOICE.TRUST AG C,P,I e http://www.voicetrust.com
72. WACOM Europe GmbH P g http://www.wacom-europe.com

Source: adapted from: BITKOM, LANDKARTE BIOMETRIE DEUTSCHLAND 2006, Berlin 08/2006.

Footnotes

[1] This term evokes the concept of "military-industrial complex" and thus a particular non-market relationship between the state and the military industry as well as undue political manipulation of the democratic sovereign.

[2] In conservative discourses much is made of the fact that so far terrorists have not struck again inside the United States. The government is given credit, a causal relationship with the heavy investment in border control - aggressive border control is taken for granted.

[3] Originally an analysis of the economic dynamics of the biometric industry was not part of WP4.

[4] A privately run experiment suggest that in the near future electronic cameras will be able to easily identify people who have been expelled from a location among thousands of people daily entering a mall or a sports stadium for example. Two state employees compared the facial algorithms of eight most sought criminals on Fox TV with the algorithms of faces created on the basis of the photos of nine million driving licenses issued in Massachusetts. They successfully identified one criminal as the owner of a driving license. This experiment demonstrated that stealth supervision and access control of large crowds will soon be feasible on the basis of facial algorithms calculated from pictures taken with remote cameras. (NYTimes #).

[5] See the pioneering work of Fritz Sack (Hg.), Privatisierung der Sicherheit, Baden Baden (Nomos) 1995.

[6] Reports of high FRR and FAR of current systems should not be a barrier, since these deficiencies are rapidly to be overcome by multi-biometric processes. See: Wolfgang Nitschke, Multibiometrie öffnet Hochsicherheitstrakt http://www.dradio.de/dlf/sendungen/forschak/600117.

[7] We encountered several structural difficulties to empirically assess the biometric industry. The leading industrial magazines are not accessible in the public library system in Germany. The same holds for timely industry reports produced by leading consulting firms. Conferences where the key players meet are shielded from academic research by charging prohibitive fees for academics wanting to attend. A European police conference in Berlin dealing with relevant matters is a case in point. The organiser charged € 975 participation fee. The most recent market forecast 2007-2012 for the biometric industry is prohibitively priced for academic research relying on public libraries, it is priced 3.955 US $. (International Biometric Group, Biometrics Market and Industry Report 2007-2012).

[8] The State Department in the United States has built already a data base of biometric data of more than 6.1 million travellers crossing the US-border (Lehman 2007 p.29). But also Croatia gets best marks from the biometric industry. The country is the first one in Europe, which maintains an accessible electronic data bank with the biometric data of all persons who were issued a travel document (passport or visa) to enter or leave the country (Parnitzke 2006 p.22).

[9] The term "blind" insinuates that so far it is not known whether the imposition of intrusive control systems based on biometric features actually contributes to the proclaimed aim to improve security by fending off "terrorists".

[10] GWOT = Global War on Terror.

[11] This 477 pages compendium assembles more than thirty articles by forty authors representing academic research, industrial lobbyists and governmental specialists.

[12] Lehman Brothers, Security Industry Annual Report 2006, released in January 2007, 290 pp. Purchased by WP 4 as a read-only pdf-file. The report is produced to inform Lehman Fund and Wealth Management customers about investment opportunities in the security industry including the biometric sector..

[13] "Veralltäglichung" insinuates the process of something one gets subtly accustomed to and which is becoming part of daily routine. For example, the new generation of personal computers offers already security features like a biometric fingerprint reader (Taylor 2007). The 2002 report (Nolde 2002 pp.250-263; 281-291) had clearly predicted the replacement of multiple PIN-codes by modes of biometric authorisation, which appears to be at the brink of widespread application as confirmed by the following quote from the NewYork Times: "Wine cellar designers are increasingly installing fingerprint and voice recognition systems and crisscrossing laser beams that trigger alarms (à la the movie ‘Entrapment’ with Sean Connery and Catherine Zeta-Jones), said Ton Ban, a wine cellar designer..."(Leigh Brown 2007).

[14] In proportion to items in the military budget for example it pays for a few hours of the war in Iraq, American expenditures only.

[15] Another area where the faster rates of innovation in globalised civilian markets has manifested itself is military combat and flight simulation. The latest games and play stations form the basis of simulation in military training.

[16] Sagem and Snecma were merged to form Safran, a French defence and jet engine conglomerate. In the nineties Sagem acquired Morpho Inc. based in the United States, where AFIS development and production continues to be located. This fact allows Sagem Morpho Inc. to bid for US-government contracts concerning national security.

[17] The evolution of the nuclear energy industry was taken as a proof since it reflects this pattern. Private risk capital would not have engaged in the expensive research exploring the applicable feasibility of nuclear fission, which after its military application eventually allowed large scale nuclear power generation.

[18] OTA, Building Future Security - Strategies for Restructuring the Defense Technology and Industrial Base, Washington D.C. 1990.

[19] The civilian sector was totally neglected in the Soviet Union and not exposed to competitive global markets. The Soviet economy missed out on the astonishing rate of innovation in the information technology, which made advanced information technologies unavailable in the Soviet military industry. It explains the technological inferiority of Soviet weaponry towards the end of the Cold War with no chance to catch up. The Cold War rhetoric was interested in hiding this fact as long a possible, because the military-industrial complex depended on the perception of the Soviet threat, in order to position the next generations of weapon systems in the virtual arms race and secure the funding.

[20] The extraordinary rates of innovation are explained by the character of the competition in this sector, which is plaid out over time monopolies, which must be exploited in global markets before the next innovation devalues the product. The market leaders were forced to invest heavily in R&D, in order to stay competitive. R&D investments by the leading corporations soon dwarfed military and other governmental R&D budgets.

[21] For an excellent summary of this debate see: OECD/TEP, Technology and the Economy, The Key Relationships. Paris 1992.

[22] Though the long time frames for designing new generations of weapon systems were incompatible with the rate of innovations in the manufacture of chips for example. The culture of customized design characteristic for the arms industry could hardly cope with the fast replacement of chip generations.

[23] UAV-Predator is manufactured by General Atomics. The company was founded after 1990 and landed its first Pentagon contract with the Predator, it had developed on the basis of private risk capital. (AW&ST, Jan15, 2007, p.122f. Incidentally the DHS has also opted for Predators to survey national borders.

[24] The F-22 and the Eurofighter are cases in point. Questionable new missions were invented for these expensive aircraft originally custom-designed for air combat with Soviet fighter aircraft.

[25] Inside the Pentagon alone operate eight different intelligence bodies, which together command an annual budget of 38bn dollars (Thomson 2006). Though Rumsfeld’s attempt to put the Pentagon into the driving seat controlling all intelligence services met opposition and was rejected.

[26] The absence of transparent competitive bidding for government contracts is typically justified by the urgency of the task and the imperative of national security requiring absolute secrecy of many programs.

[27] As the current "binge spending" for military equipment endowing the big Pentagon suppliers with "stellar profits" (19 % of annual return on invested capital in the case of Lockheed) will eventually come to end, Lockheed and the likes move into non-military markets like the $ 1,00bn-a-year health market as well as into the homeland security market by taking over small promising companies. As the CEO of Lockheed explained in a recent interview many products in the homeland security sector have a dual use potential and allow to access non-governmental markets. "The purchase of Savi, a company that supplies electronic devices to track the location and cargo of shipping containers, gives Lockheed access to a market for technology already used by the military and which has obvious uses in homeland security and logistics. It could also push the company beyond traditional government customers into commercial supply chain management. .. A sprawling company, with interests running from Mars spacecraft to digitising FBI fingerprints and processing social security cheques."(Boxell 2007).

[28] The willingness of the EU to let airlines supply sensitive passenger data to the US authorities, in spite of the fact that this was later branded as legally unacceptable by the European Court, is a case in point

[29] A case in point is the intention of New York City to control incoming road and rail traffic for radiation, in order to forestall "nuclear terrorism".

[30] See for instance the market leader: SDM-Magazine (Security & Distribution Marketing). Given the hype about biometrics in the media and the grave concerns about the intrusiveness of biometric devices broadly applied one would expect that special periodicals would have been created. But Ullrich’s, the comprehensive register of worldwide periodicals does not show a single entry in its 2006 edition under the heading biometrics.

[31] The Orwellian data bases governments are intent to fill with biometric algorithms of individual citizens do not constitute a technological challenge. Data storage and retrieval in similar dimensions are practised in the corporate sector. The computing capacity required to generate complex dynamic algorithms, like in the case of face recognition, is less demanding than the requirements of calculating the aerodynamics of jet-engines for the current generation of large aircraft for example. Basically such software is available "off the shelf".

[32] Newspapers critical of the current Bush-administration like the New York Times report almost weekly on favouritism and breaches of proper contract procedures and of contractual obligations tolerated by the administration in the field of national security. This is in addition to the multiple "pork barrel" amendments of the budget law, which often stipulate unwarranted procurement.

[33] Generic innovation allows multiple potential applications of an innovation as opposed to R&D seeking single purpose customised innovation which is typically stipulated in military R&D contracts, whereas R&D financed by the private sector is always geared towards the generic properties of an innovation.

[34] In studies published 2005 and 2006 one would expect more recent estimates or figures based on budget data.

[35] The Pentagon insisted in 2002 on developing the means for "total awareness" to prevail in the "war on terror". But this totalitarian politico-bureaucratic aspiration had to be withdrawn because of widespread opposition.

[36] Company statement retrieved from the website http://www.ict-prize.org (15.02.2007).

[37] An example would be that the inherited tasks of the DHS include aerial surveillance, which means the DHS runs a fleet of intelligence aircraft, manned and unmanned. These are expensive and costly to operate. The suppliers belong to the traditional military-industrial sector.

[38] A mere $1,5bn is the estimate for 2005 for the global market for biometric products. (Lehman 2007 p.116).

[39] For ample evidence of this trend see the electronic journal ‘Surveillance & Society (www.surveillance-and-society.org).

[40] Since markets drive innovation governments would be operating with second rate software, if they were seeking customised "secret" software packages.

[41] It should be noted at this point that the military are increasingly facing the same dilemma. To deploy the latest generation of sophisticated weapon systems specialists from the manufacturer have to be hired. Thus today’s battlefield (Iraq, Afghanistan) sees civilian specialists and soldiers in joint action, which raises serious questions of status and protection by international law.

[42] PIN codes are too costly to service at the level of enterprises. Both FRR (false rejection rates, if mistaken codes lead to a rejection ) and FAR (false admission rates, if the code is stolen) require frequent interventions..

[43] See: http://www.dermalog.org

[44] Fingerprint controlled computer mice are already sold for roughly € 50. (http://www.eyewatch.com/access_control/biometric-access-control-hardware.htm)

[45] Luxury cars in Brazil equipped with such tags have been located in the middle of the Atlantic, while travelling aboard of cargo ships to a destination in Russia.

[46]James Hall, chief executive of the Identity and Passport Service (IPS), and Bernard Herdan, executive director of Social Delivery, IPS, have given evidence to the Public Accounts Committee hearing into ePassports. Edward Leigh, the chairman of the committee, praised the scheme: "It is a pleasant change to be able to welcome a project from the Home Office which has been delivered on time and on budget". "The decision to go for a two-year warranty was essentially a value-for-money decision ... ...But as the technology becomes more mature, and since we intend to regularly re-compete those chip subcontracts and bring in a second supplier later this year, there is every chance that we will be able to get to a longer period of warranty without any significant cost.’
http://www.publications.parliament.uk/pa/cm200607/cmselect/cmpubacc/uc362-i/uc36202.htm, accessed through the Challenge website.

[47] The volume of outsourced information technology functions by the US-government was estimated for the year 2005 at $12.2bn, with an annual increase of 8 % expected until 2010. (Hughes 2006).

[48] One of the few cases of criminal data trade, which became public, was the spectacular appropriation of the intelligence files of the GDR, containing all clear names, by the CIA in 1990.

[49] Military secrecy during the heydays of the Cold War and the slow change of the paradigm in the context arms control negotiations towards transparency offer some parallels worth studying in this context.

[50] The intrusive monitoring of minority youths groups would be a case in point.

[51] The hearings on the activities of CIA and FBI before 9-11 have unearthed many incidents, where secrecy was counterproductive. Secrecy often simply protects inefficiency and organisational slack.

[52] For a similar argument see: Felix Stadler, Privacy is not the antidote to surveillance, in: Surveillance & Security, Vol.1, No.1 pp.120-124.

[53] The authors expect additional feedback from various agencies with more information on the biometric industry. We therefore will replace this table with an up-dated version not later than July 2007.

[54]Keyware stated in the historical part of its 2005 annual report the following market expectations for biometric applications in the first half of the decade:
"The operational integration of these entities and the remodelling into a synergetically functioning whole was never achieved. The period of 18 months between the floatation on the stock market and the end of 2001 showed that the market for biometric security technologies was far from mature.
Despite the fact that this market is growing further, all the information sources indicate that during the next 3 to 5 years no large-scale implementation of biometric technology should be expected.
During 2003 the Group shifted its core activities from biometric security technology to card applications in the area of access control and time registration, as well as to loyalty and payment software."

[55]Sagem Morpho is part of the Safran Group. The consolidated sales for 2006 were posted to be € 11.3 billion for the whole group. Safran consists of four business branches, Sagem Morpho belonging to the Defence & Security branch together with Sagem Défense Sécurité, Sagem ORGA and others. The sales of the Defence & Security branch were stated to be € 1.5 billion in 2006. For Sagem Défense Sécurité of which Sagem Morpho is a 100% subsidiary the number of employees is given with 6,437.

[56] In the course of our investigation we found that the sector is in flux. Of a list of companies in Amberg 2003, less than one third could be identified in the 2006 Hoppenstedt register of small and medium companies. The pace of consolidation and companies exiting the market again is enormous.

[57]BITKOM=Bundesverband für Informationswirtschaft, Telekommunikation und neue Medien e.V.

[58] This list shows that this sector is still far from consolidating and includes many start-ups, which are likely to acquired, if they are successful in the market.