Conservatives and Republicans in Rhode Island are still debating the justice of a law passed last year that would collect DNA from people not just upon their conviction for a violent crime, but their arrest. See this Facebook post for multiple threads of the argument.
One of the first points made by those who favor such practices is that the collection is of a limited amount of DNA that can only be used for identification. That’s not a very strong argument if your objection, like mine, is premised on the patent inability of the public to trust that government agents will only take what’s allowed, destroy what must be destroyed, and protect what they keep. Still, for the general public it makes things sound reasonable, which is why the supporters press the advantage by saying it’s just like fingerprints.
That’s why I thought of the issue when I came across an article in National Journal titled “How Much Damage Can the OPM Hackers Do With a Million Fingerprints?.” OPM stands for the federal Office of Personnel Management, and the issue (if you missed it in your news gathering) is that somebody (probably in China) succeeded with a massive hack of data about anybody who’s worked for the federal government, particularly those who’ve filled out extremely detailed and personal forms for security clearance.
Unlike abstract items of theft, like Social Security numbers, fingerprints can’t just be changed after a security breach, and…
Part of the worry, cybersecurity experts say, is that fingerprints are part of an exploding field of biometric data, which the government is increasingly getting in the business of collecting and storing. Fingerprints today are used to run background checks, verify identities at borders, and unlock smartphones, but the technology is expected to boom in the coming decades in both the public and private sectors.
“There’s a big concern [with the OPM hack] not because of how much we’re using fingerprints currently, but how we’re going to expand using the technology in the next 5-10 years,” said Robert Lee, cofounder of Dragos Security, which develops cybersecurity software.
How much worse would this be with DNA? I’d argue that DNA collection should be kept entirely outside of purview of government, but if that’s a bit extreme, surely it’s reasonable to draw the net tightly enough only to catch people who’ve been convicted of violent crimes.