Biometric technologies designed to commodify social control have entered the public spotlight in the context of the post 9/11-rush to impose passports worldwide with machine-readable biometric features of the holder and the ensuing creation of largely uncontrolled data bases by various governmental agencies. Citizens increasingly lose important legal entitlements under the imperative asserted by governments to fend off presumed terrorist threats. Entirely new legal doctrines permeate liberal democracies and reinforce authoritarian dictatorships. An increasingly asymmetric domination marks the relationship between the state and its citizens.
The research and statements Challenge has contributed to the on-going securitization debate convincingly highlight the many negative consequences of the politically widely accepted ideology that Western democracies are forced into an incessant war against terrorism. Several working packages within Challenge have published diligent legal analyses of measures taken by the executive in several states and shown that they break the laws protecting the liberty of citizens or that the laws are hastily amended to free securitization policies from existing legal restrictions.
There is furthermore a consensus building within the Challenge network that the current rush to introduce and legitimize social control measure ultimately leads to the self-destruction of the foundations of liberal democracy embodied in western values. Neither is there substantiated evidence that the introduction of pervasive surveillance produces any additional security at all.
The potential of ever more sophisticated biometric identification as a tool of "total social control" turns into a nightmare in the context of a fully empowered executive fighting the self-declared "unrelenting war against terrorism". Biometric identification psychologically penetrates the residual vestiges of individual autonomy, modern society has left intact. The perception of this problem is loaded with anxiety. It explains why the actors promoting the rising role of biometry are often stylised as forming part of a conglomerate of powerful corporate and bureaucratic interests. Some commentators use the term "homeland security complex" in analogy to the "military-industrial complex", a concept en vogue during the Cold War to draw attention to the undue political influence of the military sector. The empirical basis for such a characterization of the industries and government agencies involved in "homeland security" is spurious. Our study of the industrial dynamics of the biometric sector revealed fundamental structural differences of the homeland security market, when compared with the so-called military-industrial complex during its Cold War heydays.
This short note will outline the major economic determinants of the rapid advance of technologies applicable to pursue ever more sophisticated forms of social control in the course of the on-going societal securitization policies. Evidence abounds that the private sector is already (or at least likely to become) the driving force of demand in these markets. If this assessment turns out to be correct, the implications for the chances to protect liberal societies against governmental misuse of these new technologies potentially allowing forms of total societal control in the context of the "war against terror" will be far-reaching. Legal arguments based on liberal norms might lose out against pressures to use presumably risk-minimizing, easy-to-handle technologies as well as easy-to-hide surveillance.
Currently the debate within Challenge focuses on illegal practices of state agencies, particularly the uncontrolled infringement of individual rights. It also highlights technical flaws and failure rates unduly affecting the rights of citizens. However, we believe that the private sector deserves equal attention, because the private sector is relentless in seeking to exploit the potential of high-tech social control deemed to serve its economic interests. Assuming that the private sector faces few effective legal barriers, when exploiting the convenience of controls based on ever more sophisticated biometric technologies, we suggest that the exclusive concentration on the state as a violator of individual rights in the pursuit of securitizing the society against terrorist onslaughts is not any longer warranted. It is time to be realistic and start a search for alternative, most likely more radical strategies to halt the tide of sophisticated commodified controls, should norm-based defences of individual liberty fail.
The unrelenting diffusion of biometric devices in combination with ever more powerful data processing is bound to change the landscape of modern societies, not just their borders. More importantly, several trends can be identified, which suggest that the current opposition to the expanding infringement of fundamental freedoms and some of the arguments used against the apparent inflation of biometric control measures being currently instituted by governments are likely to lose some of their currency.
Firstly, the costs governments have to shoulder when introducing aggressive, mostly intrusive security technologies will not be a critical hurdle. A vibrant global corporate security market for sophisticated biometric control technologies drives rapid product innovation forward and prices down. Additionally biometric devices are in the process to be integrated into many consumer goods (replacing locks, PIN-codes etc.), which will result in extraordinary growth rates of the market for biometric technology. Thus, cost considerations are not likely to have a major impact on the political debate of how much biometry-based security is enough and what is too much. Current trends clearly point in the direction that the massive economies of scale to be played out in this market in combination with the an astounding pace of innovation delivering more performance will lead to stable, if not shrinking procurement costs. This clearly defies past experiences with government procurement in the field of (military) security. The sums involved in the procurement of the new "Orwellian technologies" are a fraction of what fighter aircraft or naval ships require to procure and maintain. In other words "total surveillance and control" comes embarrassingly cheap.
Secondly, another persistent development suggests that people are progressively more exposed in their daily routine to a pervasive application of the very technologies the state is intent to apply in controlling borders and increasingly minorities. Due to the emerging "Veralltäglichung" (the process of becoming habitual) of biometric control the collection of this intrusive data in pursuit of "homeland security" is likely to be tolerated more easily by a large majority of citizens and will therefore be with little trouble legitimized in the political arena as long as it is innocuously packaged.
A closer look at procurement required to translate the vision of securitized national borders by large-scale application of biometric technologies into reality reveals structural differences between military and this border control technology. Therefore the political economy of the military sector will not be replicated in the emerging "home security" market. The dual-use character of the technologies limits the leverage procurement bureaucracies over the market as non-government (private sector) demand is likely to be more important for the suppliers. At the same time big corporations are likely to be more exacting customers than ministerial procurement bureaucracies and press harder for product improvement and further innovation. The stranglehold certain arms manufacturers in conjunction with entrenched political lobbies have held over billions of annual military procurement is not likely to extend into the market of biometric technologies, in spite of the fact that some big military-industrial players acquired small producers of biometric systems. The demand-driven innovation cycles are too transparent as to let incumbent suppliers fend off new entrants (with superior products) with the tacit consent of the procurement bureaucracy as is the case in some military markets to this day.
Contrary to the military domain the bureaucracy procuring border control technology cannot manage the technologies it acquires by stamping them "secret". At the technical level there can be no secrecy. The software architecture used is in the public domain and governments will most likely be forced to outsource the servicing and updating to the private sector, because it is unrealistic to generate and keep up to date the necessary know-how within the ranks of government bureaucracies. The private sector, in most cases the supplier of the data processing equipment, will be handling and servicing the very technologies generating the supposedly top-secret information. The downside of this situation is that the barrier against unlawful access to governmental data bases and biometric data generation becomes structurally even more vulnerable, in spite of the fact that the private-sector personnel involved is likely to require a security clearance.
Conceptualising a strategy to halt the evolution of an authoritarian intrusive state, which neglects basic conditions of liberty under the pretence to fight terrorism, is not likely to succeed by simply refusing governmental controls based on technologies citizens are confronted with in their daily routine. Tackling the issue requires a wider perspective. It is necessary to identify the concrete applications of biometric devices, which either constitute a misuse or lead to unwarranted aggregated information, which, if stolen or used illegally, will produce disproportionate harm. It is useful to sketch the societal scenario 2007 plus ten years for example, a timeframe in which political strategies to protect the liberal state and individual rights must operate and hopefully produce results.
The most ambiguous aspect of current trends is undoubtedly that biometric control technologies are about to become "devices of convenience" in daily routines, amenities like safe access to the flat, refrigerator, TV etc. one will eventually not want to miss. In addition, it is not realistic to expect people to resist the application of controls based on biometry. One cannot simply refuse to be subjected to them, because the acceptance to use them is likely to become and is in many cases already a precondition of being employed, as multiple access controls at the workplace are or will shortly be based on biometric identification. Thus, fingerprint or iris control and eventually face recognition will sooner or later command many, often welcomed functions in the private sphere as well as at the workplace. The integration of biometric data in official documents other than passports like driving licenses, which are configured as smart cards, is globally in full swing. A small German company provides a number of states in Brazil with smart cards, which serve as driving licences. They carry the compressed biometric data of the bearer and the police is supplied with simple handheld reading devices (of the fingerprint in this case) and can instantly control the identity of the bearer of the document.
States affected by widespread corruption, by high levels of fraud, and elevated economic criminality are possibly more likely to take the lead in applying biometric controls at large scales than the EU for example. It defies imagination what use of the biometric control potential the racist Nazi-regime would have made, had it been available. But the potential value of functionally stealth, intrusive controls, based on biometric instruments like face recognition for today’s dictatorships or incumbent "democratic" elites wanting to stay in power by intrusive manipulation rather than visible police action is only too obvious.
Dubai, where all the problems as well as gadgets of the global neo-liberal order crystallize and sprawl with a breathtaking speed, is likely to develop into a "guinea pig", where all new control technologies are likely to be applied or tested without restrictions. The extremely vulnerable extreme modernity and cultural diversity of this emerging megapolis is unfailingly creating massive demand for security. In addition to the corporate world in general one would look at places like Singapore to search for precursors of applied comprehensive social control technologies in "public-private partnerships". Singapore offers ideal conditions for testing new technologies using biometric data: advanced modernity in the context of a disciplined society under authoritarian control. Thus it comes as no surprise that the most recent annual report of Citigroup, the world’s largest financial company, "began ist list of achievements in 2006 with its launch of a biometric credit card in Singapore."
Based on the information we collected so far, we hypothesize that the evolution of the biometric industry will be driven by a fast expanding demand within the private sector ranging from corporate security concerns to personal household access devices. Commercial and financial transactions of all kind are likely to rely on biometrical identifiers for authentification. It is safe to assume that the next generations of security and social control devices will mainly rely on biometrical parameters, because of the unmatched safety biometry offers. The error rates (FRR, FAR), often cited as proof of the unacceptable unreliability of controls based on biometric parameters, will be rapidly overcome by the development of systems using multiple biometric parameters. For example, in combination with RFID biometric identification smart cards have the potential to dramatically transform hospitals and similar institutions in a few years time by providing instant comprehensive information awareness. Profound worrying changes in social transactions are in the offing, if biometric parameters are merged with vast quantities of information. We assume that arguments like cost reduction, increase of efficiency etc. will silence most objections against an ever deeper information awareness by governmental and corporate agencies.
As an innocuous introduction the first generation of personal computers is being marketed, where the user can program his own fingerprint as an access control. Though such applications of everyday control technologies based on biometrical parameters are not yet widespread and are still expensive. But it is safe to assume that biometric identification will rapidly become a mass market and as a result such devices will be pervasively affordable and replace conventional access controls. This trend will be perceived as offering convenience and "absolute" safety compared to current control technologies, which can be stolen or lost, thereby creating inconveniences.
The most likely scenario will be societies, which organise their daily life, in particular the separation of any private sphere from publicly accessible spaces, on the basis of easy-to-use biometrical control devices. Corporate and social supervision as well as control will be further advanced by a wide-spread, often enforced application of RFID tagging allowing remote instant control. In the case of car safety RFID tags the signal is strong enough to be collected via satellite. As control technologies are penetrating the daily routine at the threshold separating private domains from the public space, it becomes ever more difficult to energize a political debate aiming at limiting the intrusive strategies of the state using biometrical control devices justified by the pretension to "produce security".
We have come to believe in the course of studying the private sector dimension of biometry that it will be difficult to find a political majority denying the state the use of control and exclusion technologies, which at the same time form part of the daily routine of every citizen, not least because private corporations consider themselves entitled to biometrically commodify their security as they deem appropriate. As people get accustomed to biometric technologies, these are likely to be perceived as amenities in the organisation of daily routines, in particular convenient access and safe control etc. rather than a threat.
For people to insist on a passport not carrying biometric data or exclude any use other than individual identification requires an offensive debate on how to effectively limit the reach of the state. Unproven claims that perfecting border control by applying biometric technology provides better security are the starting argument to a process of potentially self-sustaining dynamics of misuse of biometric data bases by security agencies. Should the system fail in certain cases, it will not be put in question, to the contrary the bureaucratic reflex will demand additional resources to refine and expand the system. It is difficult to stop such a process, because security agencies consider themselves entitled to professional secrecy, which, though in most cases absolutely unproven, is considered to be a precondition to efficiency.
On the other hand organising a democratic society presupposes a liberal consensus that trust rather than fear is the fundamental building block of a liberal democracy. Though trust bears inevitably the risk of betrayal, a liberal democracy has to contend with. But in the current political climate political majorities are built by instigating fear, which one proposes to allay by a tougher security measures, notwithstanding that these measure predictably undermine the foundations of liberal democracies. During such debates it is virtually impossible to convey the argument that the latent risk of biometric data bases collected by the state for seemingly benign purposes being misused, possibly constitutes the greater danger.
Based on our survey of the suppliers of biometric technology we firmly argue that economic interest is unlikely to exert significant pressure on governments to speed and expand the introduction of biometric devices to control external borders. There is no reason to assume that the lobbying on behalf of the biometric industry exceeds normal salesmanship, when it comes to win procurement contracts. To the contrary, as a recent hearing in British parliament testifies, the government agencies manoeuvre as absolutely sovereign customers in a diversified market. We also argue that the government is neither a precursor in this technology nor likely to become the dominant customer in the sector. Given that the market for technologies using biometric features is a dynamic global "dual-use" market, contrary to the markets for military technology, government-funded r & d is not the technology driver. Instead the chance to win a time-monopoly in this rapidly growing global market with an innovative product attracts private capital to fund r & d.
This overview of the current market leads to the conclusion that the current debate on the inherent danger of biometry is overly state-focussed and does not pay sufficient attention to the infringement of individual rights by the largely uncontrolled application of biometric control devices in the private sphere, especially in the corporate sector. Particularly worrying is the perspective of an interaction or rather a collusion between the corporate sector and government agencies, wherever efficient democratic controls are not operational.
National borders are just one set of social borders. There is ample evidence that other more or less, mostly privately policed social borders are multiplying. The latter often separate and create social apartheid as sharply or even sharper than national borders, such as gated communities or no-go areas at the other end of the social spectrum. What happens in the corporate sector is hidden in the fog of the entitlements and entrepreneurial freedom, private property is legally endowed with. It is therefore even more difficult than in the case of secretive governments to arrive at comprehensive, reliable information concerning the use of biometric control technology. Thus, new research designs are urgently required to shed light on these wider questions. As mentioned above such projects should venture to study the problems in Dubai, Singapore, and similar focal points of global capitalism.
Since biometric technology will not be disinvented, but most likely be rapidly perfected, political strategies to engulf the misuse of biometric data are not helped by focusing on current levels of malfunctioning, because they will be but a transitory phenomenon as the simultaneous application of multiple biometric parameters drive FARs and FRRs towards zero. The recording of a person’s biometric data and the algorithmic transformation in digitalised identity is a neutral process. Liberty and the rule of law can come under attack only at the level of systemic integration of data sets. In other words, the danger zone is not so much the biometric control device as such, but the software, which organises, transfers, stores, retrieves, and fuses the data, constitutes the danger zone, where any misuse originates.
Several processes can lead to misuses of stored biometric data.
This list is far from complete, but it urgently suggests a frugal approach towards demands to create data bases containing biometric data among others. The political debate and research must address questions like the co-variation of social trust and security and the futility of maximising security on the basis of ever tighter controls. Merely technical interventions and the proliferation of instruments of "instant awareness" will not be able to harness the innate dangers of the global modernisation process. The response must be foremost political in character.
Unfortunately, it is in the interest of many political actors and agencies to foster a climate of fear and use these instruments. The importance of social cohesion as a fundamental condition of a stable liberal democracy is not any longer recognized. As a result the historical evidence that functioning liberal democracies provide the safest form of social organisation is not any longer contemplated in political discourses, instead high-tech commodification of security without serious evaluation of its efficiency dominates the debates and the policies implemented.
Neither the technology nor the sprawling data bases, which even insinuate fantasies of "total situational awareness" in the supremacist circles of the Pentagon among others, can realistically be forced back into the bottle. So what is to be done to defend the liberal state? Merely stopping the leaks will not stabilise the situation. Instead it seems pertinent to completely rethink security, secrecy, and the relationship between citizen and state.
Researching the economics of biometry and its rapidly emerging role in the "production of security" by states as well as in the corporate sector did not encourage a benign view of the current course of technological innovations. The astonishing pace of innovations creates powerful instruments of social control, increasingly facilitating operations in stealth mode. This course towards the technological feasibility of total situational awareness creates an unacceptable informational asymmetry between the controller and the controlled. It is not compatible with the requirements of democratic control of the political executive and bound to inherently lead to misuse. Since technology cannot be disinvented, a radical rethinking of how security can be produced, while preserving liberal democracy, is needed to stop the current course of events in the processes of societal securitization at all levels.
A first sketch of such a rethink should target the massive failure of the sprawling intelligence bureaucracies to identify imminent security risks. They are rightly attributed to a considerable extent to unwarranted secrecy in the way they operate. This structural weakness of the ballooning "intelligence and security industry" possibly offers an entry point to totally change the paradigm of the way democratic societies should produce security. To begin with, security presupposes mutual confidence between citizen and state. In the absence of a basic trust in the evenhandedness of the state as a provider of security, perceptions of insecurity proliferate on all sides, of the state as well as in particular among minorities. As a result a spiralling dynamics of "security production" mirroring mutually reinforcing threat perceptions ensue. They have their ideological roots in a false reaction to the ugly realities of the current global order in times of neo-liberal regulation.
In the age of increasing "total informational awareness" in the secretive hands of states and of the corporate sector the informational asymmetry characterizing the relationship between these actors and the citizen is not compatible with minimum levels of democratic control and mutual trust. Hence the current security architecture cannot deliver what it claims to provide. To the contrary it is likely to produce additional risks by fomenting distrust. The intrinsic logic of preventive action leads to a dynamic escalation within the secretive security bureaucracies towards "total social control". In this virtually paranoid mindset of the security agencies democratic control is perceived as a dangerous interference with the "production of security" and must take the backseat, while the current ideology to pre-empt imminent perceived "terrorist dangers" prevails.
The only solution to this dilemma is a radical paradigmatic change. A lasting production of security requires to overcome the dramatically increasing informational asymmetry. The citizen, which explicitly includes minorities claimed to form a threat, must win full entitlement to democratically supervise all data collected as well as the analytical use of the data. There is little or even counterproductive functional value in secrecy. Therefore a reversal of the secretive way particularly government agencies pretend to produce security is urgently warranted. Fuller public transparency of intelligence and entitlement to full access to stored personal data would be a starting point. And changing the philosophy of security production would also bring the use of the ballooning biometric data under the control of democratic and transparent supervision.
Instead of exclusively focusing on strategies against the constant infringement of liberal norms and changes of laws in the course of alarmist governmental security policies, which unfortunately have limited chances to succeed, a "Plan B" must be in place or at least prepared, should current strategies to defend liberal norms indeed fail. Since the defence of liberal norms in the face of an absolute secretive informational superiority based on ever more powerful control technologies would require equality in informational access, Plan B would ask for the unequivocal dissolution of the governmental prerogative of secrecy and a curtailment of the entitlements of private property to the extent that they infringe the liberal autonomy of the citizen. Under "Plan B" the badly worn paradigm of "open society" would assume an entirely new connotation. The enormous empowerment of secretive agencies and corporate actors as a result of the breath-taking technological advances of control technologies requires radically new strategies aiming at defending the liberal state and entitle the citizen to equal access to the collected and accumulated data bases in governmental and corporate domains. Only in this way the autocratic dynamics of intelligence and security agencies and the arbitrary corporate violation of individual rights can be reigned in and the liberal democracy defended.
Civitas Group, The Homeland Security Market, Essential Dynamics and Trends, November 2006.
Hughes, David, Sending Out for IT, U.S. government spending on info tech outsourcing is forecast to expand for another five year, in: Aviation Week&Space Technology, January 23, 2006, p.53.
Lehman Brothers, Security Annual 2006, released January 2007, sold by Sandra Jones and Company.
 This redefinition of executive empowerment in the war against terrorism is not restricted to the United States, where the Bush-administration appropriated the extraordinary theory of "unitary executive", which is a formula for autocracy. It has no antecedents in American history nor is it supported by the Constitution. In Germany the doctrine of Feindstrafrecht is being proposed by conservative legal experts, which would eliminate entitlements to privacy among others to allow the executive the unlimited pursuit of pre-emptive security strategies. See: Thomas Uwer, Bitte bewahren Sie Ruhe Leben im Feindrechtsstaat, Schriftenreihe der Strafverteidigervereinigungen, Berlin 2006.
 Current examples are Pakistan and Ethiopia, whose governments are supported by the United States as allies in the "war against terrorism"..
 Peter Lock, Wolfgang Schreiber, The economic dynamics of biometric control technologies, Working paper 03/2007 (Challenge deliverable).
 A recently published memorandum on biometry supports many arguments presented in our study (footnote 3) as well as in this note. See: Comité Cpnsultatif National r’Ethique pour les Sciences de la Vie et de la Santé, Avis no,.98, Biometrie, données identificantes et droit de l’homme, Paris Avril 26, 2007 (accessed through the Challenge Website).
 For ample evidence of this trend see the electronic journal ‘Surveillance & Society (http://www.surveillance-and-society.org).
 SAGEM, the French manufacturer, now merged with Snecma into Safran is a case in point. Its role as a supplier of fingerprint technology among others resulted from the acquisition of a small American company specialising in this technology.
 Since markets drive innovation governments would be operating with second rate software, if they seek customised "secret" software packages.
 It should be noted at this point that the military are increasingly facing the same dilemma. To deploy the latest generation of sophisticated weapon systems specialists from the manufacturer have to be hired. Thus, today’s battlefield (Iraq, Afghanistan) sees civilian specialists and soldiers in joint action, which raises serious questions of status and protection of the personnel involved by international law.
 PIN codes are too costly to service at the level of enterprises. Both FRR (false rejection rates, if mistaken codes lead to a rejection ) and FAR (false admission rates, if the code is stolen) require frequent interventions..
 See: http://www.dermalog.org.
 Jonathan Birchall, Pay By Touch puts its finger on loyalty, in: Financial Times (European edition) June22, 2007, p.14.
 Currently this term in mainly used by the American military describing the real-time integration and distribution of all available intelligence.
 Fingerprint controlled computer mice are already sold for roughly € 50. (http://www.eyewatch.com/access_control/biometric-access-control-hardware.htm)
 Luxury cars in Brazil equipped with such tags have been located in the middle of the Atlantic, while travelling aboard of cargo ships to a destination in Russia.
 The congressional investigation concerning the intelligence failures before 9/11 produced evidence that secrecy and rivalry within the vast network of intelligence agencies contributed to the failure.
 See footnote 3.
 James Hall, chief executive of the Identity and Passport Service (IPS), and Bernard Herdan, executive director of Social Delivery, IPS, have given evidence to the Public Accounts Committee hearing into ePassports. Edward Leigh, the chairman of the committee, praised the scheme: "It is a pleasant change to be able to welcome a project from the Home Office which has been delivered on time and on budget". "The decision to go for a two-year warranty was essentially a value-for-money decision ... ...But as the technology becomes more mature, and since we intend to regularly re-compete those chip subcontracts and bring in a second supplier later this year, there is every chance that we will be able to get to a longer period of warranty without any significant cost.’
http://www.publications.parliament.uk/pa/cm200607/cmselect/cmpubacc/uc362-i/uc36202.htm, accessed through the Challenge website.
 The legal doctrine of an absolute prerogative of the executive branch created by the current Bush-administration has virtually eclipsed democratic controls and often the due process of law. The legal constructions facilitating Guantanamo are a case in point. Telephone tapping in the United States after 9/11 without due authorisation showed how easy it is apparently to organise stealth government-corporate collusion in breach of laws.
 A recent survey on data loss and theft gives an indication of the intrinsic risks of systemic integration of data. See: Maija Palmer, Data leaks hit majority of companies, in: Financial Times (European edition), March 24, 2007 p.2. For a list of the largest and most serious cases see: Paul Taylor, Phishing and skimming surge, in: Financial Times (European edition), June 27, 2007, p.4 Supplement on Corporate Security.
 The volume of outsourced information technology functions by the US-government was estimated for the year 2005 at $12.2bn, with an annual increase of 8% expected until 2010. (Hughes 2006).
 One of the few cases of criminal data trade, which became public, was the spectacular appropriation of the intelligence files of the former GDR, containing all clear names, by the CIA in 1990. It took more than a decade before the German government finally was granted access to these files, in form of copies, which might not be identical with the original data set.
 Military secrecy during the heydays of the Cold War and the slow change of the paradigm in the context of successful arms control negotiations towards transparency offer some parallels worth studying in this context. Progress in these negotiations hinged on improved transparency.
 The intrusive monitoring of minority youths groups would be a case in point.
 The hearings on the activities of CIA and FBI before 9-11 have unearthed many incidents, where secrecy was counterproductive. Secrecy often simply protects inefficiency and organisational slack.
 For a similar argument see: Felix Stadler, Privacy is not the antidote to surveillance, in: Surveillance & Security, Vol.1, No.1 pp.120-124.