CIMM Committee Meeting

37th PARLIAMENT, 2nd SESSION

Standing Committee on Citizenship and Immigration

EVIDENCE

CONTENTS

Thursday, October 30, 2003

¹

1535

The Chair (Mr. Joe Fontana (London North Centre, Lib.))

Dr. Tony J. Juliani (Vice President, Government Relations, IDVoiceBank, Inc.)

The Chair

Dr. Tony J. Juliani

¹

1540

¹

1545

The Chair

Mr. Ian Williams (Principal, Identity Systems Group)

¹

1550

¹

1555

º

1600

The Chair

Mr. Dominique Peschard (Vice-President, Board of Directors, Ligue des droits et libertés)

º

1605

º

1610

Mr. Roch Tassé (Coordinator, International Civil Liberties Monitoring Group)

The Chair

Mr. Grant McNally (Dewdney—Alouette, Canadian Alliance)

º

1615

Mr. Ian Williams

º

1620

The Chair

Dr. Tony J. Juliani

The Chair

Ms. Madeleine Dalphond-Guiral (Laval Centre, BQ)

The Chair

Ms. Madeleine Dalphond-Guiral

Dr. Tony J. Juliani

º

1625

Ms. Madeleine Dalphond-Guiral

Mr. Dominique Peschard

Ms. Madeleine Dalphond-Guiral

º

1630

The Chair

Mr. Ian Williams

The Chair

Mr. Ian Williams

Dr. Tony J. Juliani

º

1635

The Chair

Mr. Roch Tassé

The Chair

Mr. Ivan Grose (Oshawa, Lib.)

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

Mr. Ivan Grose

Dr. Tony J. Juliani

º

1640

Mr. Ivan Grose

Dr. Tony J. Juliani

The Chair

Dr. Tony J. Juliani

The Chair

Dr. Tony J. Juliani

The Chair

Dr. Tony J. Juliani

The Chair

Mr. Inky Mark (Dauphin—Swan River, PC)

Mr. Ivan Grose

Mr. Ian Williams

The Chair

Mr. Inky Mark

º

1645

The Chair

Mr. Dominique Peschard

Mr. Inky Mark

The Chair

Mr. Ian Williams

Dr. Tony J. Juliani

º

1650

The Chair

Mr. Dominique Peschard

The Chair

º

1655

Mr. Ian Williams

The Chair

Mr. Ian Williams

The Chair

Dr. Tony J. Juliani

»

1700

The Chair

Mr. Grant McNally

Mr. Ian Williams

Mr. Grant McNally

The Chair

Mr. Grant McNally

Dr. Tony J. Juliani

The Chair

Mr. Ian Williams

Mr. Dominique Peschard

The Chair

---

CANADA

Standing Committee on Citizenship and Immigration

---

NUMBER 080

l

2nd SESSION

l

37th PARLIAMENT

---

EVIDENCE

Thursday, October 30, 2003

[Recorded by Electronic Apparatus]

¹  (1535)  

[English]

    The Chair (Mr. Joe Fontana (London North Centre, Lib.)): Colleagues, while we're waiting for a couple of our other colleagues, I'll open the meeting by welcoming our witnesses as we discuss and consider a national identity card. It's a pleasure to have with us today, from IDVoiceBank, Inc., Tony Juliani, vice-president, government relations; from Identity Systems Group, Ian Williams, principal; and from the Ligue des droits et libertés, Dominique Peschard, vice-president, board of directors; and Roch Tassé. Bienvenue à tous. It's our pleasure to have you here, and we look forward to your submissions.

    Some of you have provided a brief. If you haven't, if I could, maybe I'll ask you to forward one to us. I know you might have some opening statements, and I look forward to those comments. If you would, take about ten minutes per organization, because I'm sure we have some questions we would like to ask you.

    Perhaps we could start with Mr. Juliani. Welcome. Benvenuto.

    Dr. Tony J. Juliani (Vice President, Government Relations, IDVoiceBank, Inc.): Thank you very much, Mr. Chairman. Merci.

    The Chair: That's Italian, by the way, the third official language of the country. Well, not officially, but it's the unofficial third language; it depends on where you are.

    Dr. Tony J. Juliani: That's true.

    Mr. Chairman, honourable members, ladies and gentlemen, thank you for the opportunity to appear before you today.

    I will keep my comments brief. I always tell my university students that five minutes is a long time if you have something to say, so now I will abide by my own recommendation. Hopefully, my comments will be of assistance to the committee.

    The debate over a national ID card for Canada continues to generate diverse opinions, as any open debate should. However, it is my humble opinion that there should be a wider scope, and the founding exercise should focus attention on strengthening existing systems and procedures for the personal identification of all Canadians and visitors to Canada through the utilization of state-of-the-art technology while keeping us fully cognizant of the fundamental rights to privacy.

    The various arguments regarding a national ID card may in fact lead to a more global strategy of protecting one's identity through the utilization of existing systems and new ones. In a presentation to this distinguished committee on February 6, 2003, the Minister of Citizenship and Immigration stated “A national ID card is simply a tool that permits the bearers to prove, with a high degree of certainty, that they are who they say they are.”

    Opponents of a national ID card argue that it does not stop terrorists and hence should be rejected. This fictitious contention is analogous, in my view, to saying we should get rid of all umbrellas because they do not stop the rain. Such fallacious arguments are designed to garner sympathy from a vulnerable public and obscure constructive efforts designed to strengthen the integrity of our personal identification system.

    Others may argue that a national ID card would infringe on a person's right to privacy. This contention conveniently overlooks the fact that the theft of one's personal identity is the most invasive abuse of privacy. What could be more personal and private than the loss of one's identity? The statistics regarding identity theft in Canada and around the world are well known to the committee.

    Nevertheless, some relevant information might shed light even for those who wish not to see. International scholars are reporting on the extent of fraudulent use of identification documents in Canada. For example, a British university researcher recently reported the following:

In the Canadian province of Ontario, there is considerable public concern about the existence of nearly twelve million identities in the health system of a province with a population of ten million. It is perceived that many U.S. citizens are using Canadian health care facilities without entitlement.

    Another example is that according to Human Resources Development Canada, “the proof-of-identity requirements established in 1976 are no longer sufficient. New technologies have made it relatively easy to forge identity documents such as birth certificates.”

    Notwithstanding the fact that foundation documents such as birth certificates, as well as entitlement documents such as passports, drivers' licences, etc., are of the highest quality and integrity, identity theft and fraudulent use of personal documents continue to spiral in Canada and around the world. Consequently, it becomes clear that existing systems of identification are not sufficient to protect the personal identity and privacy of law-abiding citizens, and therefore governments at all levels must act in concert to address this cancerous element in our society. Society demands pragmatic realism, not rhetoric.

¹  (1540)  

    Our proposal consists of using state-of-the-art biometrics technology in an integrated system to strengthen the existing systems and controls in order to safeguard personal identity. The benefits of such a system are being achieved in many countries around the world, some of them using Canadian technology. As noted, again, by the Minister of Citizenship and Immigration to this committee, “Canadian companies are at the forefront of these emerging technologies. They are working around the world developing the biometric applications for public and private sector uses.”

    Furthermore, this committee has duly noted the requirements of the U.S. Enhanced Border Security Act of 2002, requiring all travellers to carry two biometrics in order to confirm their personal identity as early as October 2004. An integrated system of biometrics may be incorporated in a national ID card or used in conjunction with other systems or documents to increase the integrity of the identification process and specifically to facilitate travel and commerce for Canadians and visitors to Canada.

    There are three conventional forms of identification in use today. One is something you have, a document. Two is something you know, your password or your PIN number. The third is something you are, personal characteristics or biometrics. Whereas documents, passwords, PINs, and ID cards can be lost or stolen, your voice is your own. No two people have identical fingerprints, faces, retinas, palms, DNA, or voices.

    Why voice verification? Voice is a high-functioning and low-maintenance biometric attribute. Unlike other biometrics, voice does not require investment in infrastructure, in special devices such as scanners; the user simply speaks into a phone. The procedure is less intrusive to consumers as they do not have to submit to fingerprinting or have their face or iris scanned.

    Voice verification technology is being extensively used by both governments and the private sector. A major Canadian bank recently announced the adoption of voice technology, and its customers will soon be the first in Canada to identify themselves entirely through their own voices when banking on the phone.

    The selection of voice verification technology provides the following advantages over other biometrics. One, voice verification is the least intrusive method of personal identification. Two, voice verification is language-independent. People can speak in the language or dialect of their choice. Three, voice verification is extremely cost-effective compared to other biometrics, approximately one-tenth the cost of using other biometrics. Four, voice verification can be implemented anywhere in the world with the simple use of a telephone. Finally, again, voice verification does not require infrastructure devices.

    A specific application we are working on is in regard to travel and commerce. In the specific application to travel, a person would be enrolled or identified prior to the individual boarding the plane or ship or leaving the country of origin. The enrolment process is conducted or activated at the time the individual receives the travel document, be it a passport or visa, in the presence of the government official. Through the use of a desk phone in a controlled environment, the individual's voice print is captured and stored for subsequent confirmation of identify as may be required.

    A live demonstration is available, and I would be pleased to do so at the appropriate time at the request of the committee.

    This process permits the verification of the personal identity of the individual at any time 24/7 and from anywhere in the world with access to a telephone. The key feature of the application related to travel in particular is the fact that the verification of a person's identity is obtained, again, prior to his or her departure from the country of origin.

¹  (1545)  

    This need for an early identification system has been a key concern for the Government of Canada, the Auditor General of Canada, the Department of Citizenship and Immigration, and the U.S. government. The Auditor General of Canada, for example, has noted that the first point of screening is established at the visa stage. The Canadian government and the U.S. government have developed a multiple border strategy and, for immigration purposes, have defined a border as any point at which the identity of a traveller can be verified.

    Furthermore, this proposed system would complement the Department of Citizenship and Immigration's program of having control officers at Canadian consulates, officers who are entrusted to identify people attempting to travel to Canada. The writer is presently working with a foreign government through its embassy in Ottawa to adopt this system for use in the activation of visas issued to travellers to this country.

    In terms of cost and efficiency, voice biometrics ranks high, even number one, when compared to other biometrics in the categories of accuracy, convenience, and cost, due to the fact that voice verification does not require established infrastructure or special devices. In addition, voice biometrics offers high-quality identification for the avoidance of error and fraud, and biometric encryption has been defined as a “friend to privacy”. Privacy advocates have difficulty expressing their opposition to it.

    In conclusion, I might point out that this debate over a national ID card has provided us with the opportunity to focus on the wider issue of protecting the personal identity of all Canadians and visitors to Canada by augmenting the security of existing systems and procedures through the integration of biometric, privacy-friendly technologies.

    I thank the members of this committee for the opportunity to appear before you and wish you continued good work.

    The Chair: Thank you, Mr. Juliani, for your presentation. I'm sure we have some questions for you.

    Now it's Mr. Ian Williams, principal of the Identity Systems Group. Welcome, Mr. Williams.

    Mr. Ian Williams (Principal, Identity Systems Group): Thank you, Mr. Chair and members of the standing committee. Good afternoon.

    I was going to read from my brief, but I'll ask your indulgence if I depart from reading it verbatim. After listening to some of Mr. Juliani's comments, I do want to skip through some sections.

    I am the founder and principal consultant for Identity Systems Group. I thank you for allowing me this opportunity to come and present before you. What you're conducting is instrumental in the establishment of any identification program in the public sector.

    My background and experience go back to many identification systems. I've worked on the Swiss passport, the Irish passport, the Dutch passport, the Malaysian national ID card, and the Singapore driver's licence. With the exceptions of New Brunswick's, Nova Scotia's, and P.E.I.'s, I've worked on every driver's licence system we have in this country, as well as on health care systems, the OHIP card and the RAMQ card. In 1992 I worked for a company that developed the technology for putting a photo on a plastic card, which subsequently gained mass appeal worldwide, and in 1994 I began my endeavours in biometric technology, researching its applicability for improving the identification process.

    ISG was formed at the urging of two government agencies, one U.S. and one Canadian, that couldn't find expertise available that could offer objective opinions on the use of biometrics and identification cards to improve the identification process. Currently I'm working on the new Manitoba driver's licence system design.

    I want to talk about driver licensing. In the last 10 years I've spent considerable time working on the driver's licence systems we have in place in this country. Deservedly or not, the driver's licence has become the de facto identification document both in the U.S. and Canada for many purposes, including for cashing cheques and for boarding aircraft. I used my driver's licence today to come to Ottawa.

    Considering that a driver's licence does not prove nationality, it is still, however, the most common photo ID document presented and used in the validation process for measuring eligibility for higher types of national identification documents, including the passport. It would most likely become a contributing support document, a “breeder” document, for any national identity card.

    As a result of September 11, the ID business has seen a flurry of activity. Without fully understanding the benefits of biometrics as a tool to assist in the identification process, many government entities in both Canada and the U.S. and abroad have felt an immediate need to implement better identification systems.

    I would suggest that the primary issues surrounding identification and the most important aspect, enrolment, cannot be addressed solely by technology such as biometrics. Compounding this belief have been vendor exaggerations of accuracy and applicability. Government bodies looking for the magic technological solution that will solve all ID issues have been quickly disappointed. I can point to several programs that have just recently been cancelled in Australia, the United States, and Europe where they tried to use biometrics to improve the identification process: Tampa airport, Logan Airport, one in London, and another one in Australia.

    I have mentioned the identification process a few times, so let me explain exactly what I mean by this. Identification is not a technology; it is a multi-layered approach to either validating a claim or proving a denial. The identification process in document-based systems such as a passport, a driver's licence, or a national identity card can be broken down into three aspects: enrolment, document, and verification. Each of the three aspects carries significant issues that impede its ability to assist the other two. The best identification systems balance all three aspects without placing undue emphasis on any individual component.

    I'm going to explain the three aspects of identification. I'll start with the middle piece, the document. The purpose of an identity document is to provide a portable, presentable proof of one's identity claim, the possession of which relies upon the due diligence of the issuing authority, normally a government entity. Documents are typically made secure by various means, including holograms, laser engraving, machine-readable data, and so forth. Very similar to currency, these government-issued identity documents use methods of technology that would be difficult or expensive to acquire or duplicate, thereby resisting counterfeiting.

    There is general agreement in the identification business that there's no document that will ever be tamper-proof, so often these documents are designed to resist “modifeiting”--there is a sheet at the back of my brief that will explain “modifeiting”--such that any tampering with them should be readily evident. In that case it would not be accepted as suitable proof of a claim.

    Lastly, IT security measures, combined with controlled auditing and accountability of the consumable components of the document and with security clearance of individuals handling or accessing these supplies, are designed to provide resistance to “genuifeiting”. This occurs when the unauthorized production of a government document occurs through the use of genuine but misappropriated government supplies.

¹  (1550)  

    Governments need also be aware that the provision of a highly secure document alone does nothing to increase the integrity of the overall identification system. Spending moneys on document security without balancing the other two factors, enrolment and verification, actually decreases program integrity. Because the card is held in such high regard, the perception that the overall system is secure is falsely elevated. This is a dangerous scenario and one that exists today in Canada for certain government-issued documents.

    The verification aspect, the third part of the identification process, has two parts. The first part is the attempt to verify that the individual presenting a document and claiming an identity is indeed the individual the document was intended for and that the document was issued by a bona fide issuing authority. The second part is ensuring that both the document and the verified individual represent the same identity that was enrolled and that exists in the issuing authority's records.

    Biometrics can be a useful tool in assisting the verification aspect, but with certain limitations. ID systems that are developed on compatibility platforms or possibly that use existing law enforcement technology should also come under further scrutiny since there exists the potential to exchange personal or biometric data and the potential for that information to be used for purposes it was not provided for.

    Other biometric issues that impede verification include the cooperative or non-cooperative design of the intended comparison. For example, if I were to access my bank account using my fingerprint, most likely I would attempt to place my finger on the scanner in a manner that would improve the possibility of a match, thus allowing me access to my bank account. However, if the same system were used to determine my entitlement to social services and I wished to collect benefits using multiple identities, I might choose to place my finger in a manner such that there would not be a match, or I might use other measures to further decrease the ability to match my finger to any previously registered template. The same approach applies to other biometric technology such as facial recognition, where disguises can be successfully employed. This form of approach could be termed “non-cooperative”.

    The most successful ID systems are designed such that there is always a user privilege in providing the best possible sample. The cooperative approach will likely handle 99.9% of all users in a public sector ID system that provides a benefit for a match. The system can then focus on the 0.1% of users who pose the highest threat.

    Often, glitches, technical difficulties, or inaccuracies in the system can wrongfully deny the legitimacy of a true identity claim. Policies and procedures must be developed prior to deployment and be supported by legislation if the system is to be applied consistently across a large population and geographical area.

    Similarly, identification systems have the potential to present a probability that an individual actually has another identity. Again, in a scenario where individuals may have to present further evidence of their true identity to support their denial, possibly through a secondary examination, policies and procedures that are supported by legislation are required to facilitate the resolution measures necessary.

    I will deal now with the most important aspect of any identification system, and that's the aspect of enrolment. There is no doubt that deciding who is eligible for enrolment in any public sector identification system is the biggest challenge faced by program administrators. The two other identification process aspects, document and verification, are rendered useless if the ID system cannot prevent unauthorized entities from gaining entry through wrongful enrolment.

    In almost all ID systems the decision to grant enrolment into the system is based upon the provision of supporting documentation by an individual making a claim. Typically, these documents are other forms of government-issued identification from multiple levels and often from other countries. These documents are referred to as breeder documents.

    Many ID systems use a process of scoring breeder documents to determine enrolment eligibility. Commonly, when a total score is reached, an individual is considered to have proved their eligibility to be enrolled. Unfortunately, the vast array of potential breeder documents, combined with a lack of technology, of procedures, of fraud training, and of familiarity with detecting false documents, make it difficult for enrolment operators to make informed decisions regarding eligibility.

    The issue of recognizing legitimate supporting identification documentation, either from home or abroad, is the most serious obstacle in Canada to the establishment of any secure identification system. The ability for one to easily obtain supporting collateral documentation such as baptismal or birth certificates, landed immigrant papers, health cards, and other official government-issued documentation is detrimental to all identification systems in place in Canada. Compounding this issue is the fact that most of these documents are recognized as supporting documents for other ID systems considered higher, such as a driver's licence, a passport, or immigration applications. Until the issue surrounding breeder documents is addressed, there exists the potential for increased risk resulting from the issuance of trusted documents that would validate a false identity, enrol an individual, and possibly place undue trust in this false identity.

¹  (1555)  

    Now I want to talk a little bit about a Canadian solution. I want to mention the organization called CCMTA, the Canadian Council of Motor Transport Administrators. This is the Canadian equivalent of AAMVA.

    If you're involved in research in the identification industry, you'll know that AAMVA has been given a mandate by the U.S. federal government. Now, there's no discussion in the U.S. about a national identity card. They're basically demanding that the state jurisdictions raise the level of driver's licence documentation so it's uniformly applied across the United States. Each state will be responsible for issuing an identification card.

    This exists in Canada today. Provinces issue provincial ID cards for people who do not qualify for drivers' licences. I believe the solution in Canada is to raise, similarly and parallel to what the United States is doing, the level of the security surrounding the issuance, enrolment, and verification pertaining to the driver's licence document. These agencies issue health cards and they issue provincial ID cards. Once that level is raised, you may find there is no need for a national identity card.

    Thank you for your time.

º  (1600)  

    The Chair: Thank you very much, Mr. Williams, for raising some very thought-provoking questions. I'm sure we will have some.

[Translation]

    I'd now like to welcome Dominique Peschard and Roch Tassé.

    Mr. Dominique Peschard (Vice-President, Board of Directors, Ligue des droits et libertés): I want to thank Mr. Fontana and the members of the committee for giving us the opportunity to present our brief on a subject that the Ligue des droits et libertés considers extremely important.

    The whole question of an identity card raises a number of fundamental issues. First, we've noted from the discussions that have taken place that the reasons for wanting such a card to be introduced have changed somewhat. Initially, the idea was floated further to the attacks of September 11 and in response to a need for security and for people to travel between Canada and the United States without encountering problems. However, as it became increasingly obvious that issuing a biometric identity card would not achieve these goals, economic reasons and the possibility of identity fraud were invoked as justification for bringing in such a tool.

    Ironically, in our opinion, the reasons now being invoked would never have sufficed, in and of themselves, to justify a biometric identity card, were it not for the prevailing climate in the wake of September 11, precisely because the card raises a number of privacy concerns. These concerns were in fact identified in the committee's interim report and are mentioned in our submission. Therefore, I will dispense with listing them once again.

    What is important, in our view, is to weigh the issue of an identity card not just separately, but also in the context of the range of measures that have been implemented since September 11. Such measures include the megafile file on travellers which contains data on all foreign travel by Canadians.

    The same is true of the still-to-be-implemented electronic surveillance initiative, known as Legal Access, pursuant to which suppliers of electronic communications and services would be required to keep records of all transactions, to ensure their availability to authorities. In essence, we're talking about the monitoring of electronic communications between citizens.

    Other issues are tied to the application of Bill C-36, such as the fact that the threshold for electronic surveillance has been lowered.

    Therefore, a range of measures are now being implemented. These may not necessarily be part of a cohesive overall plan, but these additional measures do mean that the movements and communications of Canadian citizens are being increasingly monitored. Thus, the biometric ID card, with its myriad technological possibilities, is an important additional step in the process of creating a surveillance infrastructure in Canada.

    This proposal calls into question some of the principles which we take for granted in a democratic society such as ours. The first is the right to anonymity, that is the right to travel and to communicate with whomever we wish without have to identify ourselves or justify our actions. In our society, we work on the premise that if a person is honest and goes about his or her business, there is no need for the police or the authorities to monitor that person's actions.

    Fundamentally, this proposal also calls into question the presumption of innocence. As I was saying, as a rule, if a person does not commit an offence, the police are not interested in that person's actions. Only when the authorities have reasonable grounds to believe that a crime has or will be committed do they take steps to monitor a person's activities and eventually, to take further action. With measures such as records, basically the onus is on individuals to prove their innocence.

º  (1605)  

    In other words, if the system generates a suspect profile in view of the travel a person may have undertaken, or, in the case of Legal Access, in view of the Internet sites that may have been consulted, a person could immediately be stopped at the border and be subject to special surveillance, even in the absence of reasonable grounds to believe an offence had been committed. Moreover, we see how, in Bill C-36, so-called terrorist activities are defined quite broadly. Law enforcement agencies can intervene if they have reasonable grounds to suspect, not just if they have reasonable grounds to believe. Until now, the latter was the accepted standards in our legal system.

    The plan, therefore, is to put in place a surveillance infrastructure, a key component of which would be the identity card.

    Another development that has given us cause for concern is the impunity with which law enforcement agencies can act. Recently, Ms. Shirley Heafey complained that it was impossible to find out what the RCMP was doing, given the powers conferred to this agency under Bill C-36. Recently in Quebec, we learned that the SQ was investigation several social groups that were exercising their freedom of opinion. These included the movement opposing amalgamation, the Union paysanne and the organization championing $5 a day daycare services. The government was critical of this police action and we are very happy to see that. However, these are examples of how police deal with citizens who have haven't done anything wrong.

    In recent years, peaceful protesters guilty of no wrongdoing have been arrested en masse in Montreal. In light of these facts, the proposed ID card gives us considerable cause for concern.

    Other factors also need to be taken into consideration. Under the current proposal, the ID card would be linked to central databases. Furthermore, if a microchip is embedded in the card, the latter could contain information about a person's criminal record, something the police would welcome, as well as a person's health and driving records, among other things. The question that remains is how much control individuals will have over these records. It's not simply a matter of saying that the contents of such records cannot be disclosed. It's a matter of knowing what will prevent private sector institutions such as banks and insurance companies from demanding access to these records in exchange for agreeing to contract terms.

    Consider what happens to prospective tenants in Montreal when there's a housing shortage. Theoretically, tenants are under no obligation to disclose their financial situation or to provide other information to the landlord. However, it's commonplace for landlords to request such information and prospective tenants have no choice but to comply if they want the apartment. This particular area gives us cause for concern.

    Finally, as some have noted, even to my surprise because I've done some research into this area, some biometric technologies are unreliable, thereby allowing for possible errors and all of the attendant problems for ordinary citizens, not to mention the fact the police often have blind faith in technology.

    I also have to mention the rather astronomical costs associated with this proposal. It's not possible to put an exact dollar figure on the ID card, but the cost of this initiative has been pegged at a minimum of $3 billion, with some saying it could go as high as $5 billion or $7 billion. We agree somewhat with the presenters before us that the technology associated with the ID card is not 100% foolproof.

    Therefore, the proposed ID card poses a serious threat to democratic freedoms in Canada and we urge committee members to recommend that this option be rejected.

º  (1610)  

    I skipped over one point that Mr. Tassé will talk to you about briefly, namely the whole issue of national sovereignty and Canadians controlling information about themselves.

    Mr. Roch Tassé (Coordinator, International Civil Liberties Monitoring Group): Since I only have a minute to make my presentation, I'll cut right to the chase.

    To repeat what Mr. Peschard said, we need to consider the usefulness of a national ID card, bearing in mind all of the other initiatives taken by Canada since September 11 which have given law enforcement and security agencies considerably more surveillance and intervention powers that impede democratic freedoms and greatly erode the right to privacy. We also need to consider the types of databases that could eventually be accessed with a national ID card. It's not just a question of identifying individuals. These ID cards could be the key to accessing extensive databases.

    Given the sheer volume of data that could be accessed with the card, any discussion should also take into consideration agreements signed with the United States under the Smart Border Action Plan, particularly as regards the sharing with US authorities of personal information about Canadians, as well as the integration and subordination of our security to imperatives defined by US security services.

    Given the United States' goal of setting up extensive integrated databases such as the Total Information Awareness System, facilitating the process of exchanging information with our neighbour to the South raises some very fundamental questions having to do with protecting Canadians and even with our national sovereignty.

    We're heading for a situation where increasingly, personal information about Canadians will be stored in the United States and managed by US agencies, without any obligation on their part to be accountable to the Parliament of Canada. Thus, Canada's Parliament would not be able to protect Canadians' privacy. No measures would be available to Canada to control the way in which databases are used, which raises the whole sovereignty question, as my colleague Dominique mentioned.

    The incident involving Maher Arar is a case in point. Considering all of the questions which remain unanswered, many of the issues identified can be related to the Arar case.

[English]

    We are very concerned about the diplomatic pressure related to the border harmonization and the North American perimeter regimes. They all lead to an increase in the sharing of personal information of Canadians. When a Canadian crosses the border, it can trigger an electronic profile composed of all these elements and put it at the fingertips of border officials, who will use it for unpredictable purposes. We fear the introduction of such invasive technology, as this total information awareness system would further encourage the kind of racial profiling and abuse that has been carried out systematically by U.S. customs officials over the last few months. Again, the concern is about the integration of security services, the lack of control and oversight by Canadians over the operation of Canadian services, and the fact that the data would eventually be controlled in the U.S.

    I'll stop at this point. I could go on and on, but that's basically the direction I was trying to lead us into.

    The Chair: Merci, Dominique and Roch. I'm sure we will have questions for you.

    Let's begin. Grant.

    Mr. Grant McNally (Dewdney—Alouette, Canadian Alliance): Thanks, Mr. Chair, and witnesses, thanks for your presentations.

    I have three concerns about the national identity card, and many of them were echoed in your presentations. Mr. Williams, you mentioned the breeder or feeder documents. We've heard those referred to as foundation documents as well, and we've heard that, really, we're fooling ourselves if we then go to a national identity card without stricter controls on who gets those foundation or feeder documents.

    In essence you've pointed this out. You've said that if somebody can get through the hoop, so to speak, or can jump over the hurdle and get the first document, that can get them well on the way to getting this national identity card, and then it would be much harder to detect. You mentioned that the Americans have gone for stricter controls over the issuance of drivers' licences at the state level, and you suggest that as an idea for us here.

    The other grave concern I have is about the linking of information systems with this card. Even though the intent at first may not be to link the information systems and different databases, we've heard that before with other documents. The social insurance number, when that first came into being, was just going to be very specific for benefit programs of the federal government, but now things have evolved over a number of years and we have to put that number down for all sorts of other things.

    I have grave concerns, if we're going to go down this road, about whether we'll have any control over the linkages of systems. It could be catastrophic if someone's card fell into the wrong hands, because it's linked to all sorts of personal information. I see that as a real concern.

    I thought I just had two main concerns until I was reminded of the third one, that being the cost factor. We don't really have it costed out by the minister at this point.

    I'd like to focus, Mr. Williams, on your suggestion that we somehow encourage the provinces to put in place a system that puts more rigour into the process for a driver's licence or whatever document we choose as the main identity document.

    Also, I'll just make the point as well that we've had trouble with the security of our passports and social insurance numbers in this country, both being under federal jurisdiction, because of their being stolen or misused. I haven't really heard of that happening in terms of drivers' licences, documents issued at the provincial level.

    Maybe I'm mistaken. Maybe you can let us know if there are cases of that happening you're aware of.

º  (1615)  

    Mr. Ian Williams: One of the most serious issues that exist today in Canada occurred a year and a half ago, when over the course of one weekend, the Province of Quebec was simultaneously robbed of 17 driver's licence issuance systems. Obviously, these systems were stolen by criminal organizations, which now have the capability of issuing what I refer to as “genuifeits”. They now have the capability to issue genuine Quebec drivers' licences. The systems that contained the card materials, such as security laminates, also contained the personal data of residents of Quebec who had previously been issued a driver's licence.

    Because the Province of Quebec is the only jurisdiction that does not store the digital image, we now have documents of trust existing in Canada that are not genuine, and we have no way of distinguishing them as non-genuine. Basically, the criminals can make those documents because there is no image to retrieve against which someone can verify an individual's identity; there is no way to dispute it. That is one incident.

    The incident that was mentioned earlier about the OHIP card actually did occur. I worked for the company that was providing some of the systems. The issue is compounded by the fact that the delivery model used by most companies engaged with governments is a cost-per-card model. The Canadian passport, the new permanent resident card, and every other card and document program that exists in North America are based on that model. It's changing in Asia and it's changing in Europe, where governments do not hire a private company to issue documents and pay them per document. It's a conflict of interest; it's in that company's best interest to issue as many documents as possible.

    The company that was issuing the OHIP card--and I'd better be careful here because I'll end up in court--was aware before the government was that we had exceeded by two million the number of documents issued over the number of identities that were entitled to an OHIP card. It wasn't until this came to the government's attention that production of the OHIP card ceased.

    So the business model surrounding the issuance of documents needs to change, but I haven't seen it change in Canada. I've seen it occur in Asia, where governments are taking control of these documents themselves and not paying private firms to issue them on their behalf.

    I hope that answers your question.

º  (1620)  

    The Chair: Are there any comments by others with regard to the foundation documents and/or linkages between databases, which Grant spoke to? Dominique, Roch, or Tony?

    Dr. Tony J. Juliani: If I may, the matter of the cards is less of a concern than the matter of the individuals. Mr. Williams mentioned the stolen drivers' licences. Those drivers' licences are useless unless people use them fraudulently, so the issue comes back to the individual: is this individual entitled?

    It's a question of an integrated system that would identify that particular individual and activate his or her rights. In other words, when the individual receives this fraudulent “real” identification card or a real driver's licence, if there were a biometric system to reconfirm the identity and to reactivate the rights, then you'd have an integrated system. What we mean by an integrated system is an umbrella, and we have the technology in place to provide another layer to support the original document that is to be provided to this particular individual.

    This is what we're referring to. We're not referring to sharing information. We're saying that for this individual who comes to Canada and presents what appears to be a questionable passport, is there another system, a biometric system, that can give the customs officer, in this particular case, or the motor vehicle or law enforcement community a tool, an additional tool, a practical tool? We do have this in biometrics, and that's what we mean by an integrated system.

    The Chair: Madeleine.

[Translation]

    Ms. Madeleine Dalphond-Guiral (Laval Centre, BQ): Thank you, Mr. Chairman. My first question is directed to Mr. Juliani.

    I was interested in one of the biometric features you mentioned, namely voice recognition. I have a cell phone and theoretically, it's suppose to recognize my voice. However, the message I regularly receive is that the system does not recognize my voice. Sometimes, on the third try, I'm successful. Yet, my voice hasn't changed.

[English]

    The Chair: I can recognize your voice every time.

    Some hon. members: Oh, oh!

    Ms. Madeleine Dalphond-Guiral: I know that.

[Translation]

    There are different ways of altering a person's voice. How is the voice actually recorded? Are we talking about acoustics technology? If I have a cold, I can guarantee that my voice will be different. However, my husband and oldest son sound alike. I can't tell them apart over the telephone. Therefore, I wish you could shed some light on this matter for me.

[English]

    Dr. Tony J. Juliani: Thank you very much.

    In terms of your phone, I'd be very interested in giving you a demonstration in this committee, because the technology is here and it is available.

    In terms of recognition, think of the voice as a fingerprint. No technology is perfect, but we trust technology to serve us. The gentleman said we put blind faith in technology, but I must put blind faith in the technology of the airplane I take to come from Toronto to Ottawa, so there is an element of faith associated with technology. Now, no single technology works perfectly, and even if it did, I would not lay claim to that.

    With regard to voice, voice is a print of your internal.... If you have a cold, it does not matter because your voice originates internally. It's analogous to the fingerprints the police use, where they make comparisons, and we use the fingerprint system for law enforcement. Voice is a non-intrusive, non-invasive, extremely cost-effective biometric tool to give us high reliability in confirming someone's identity. This is the best way I can phrase it.

    Is it 100% perfect? I would never claim that. When I get into my car, I assume the brakes are going to work 100% of the time. When they do fail, then I have a problem, and that's the position I take in terms of technology.

    The technology you're referring to with the phone is not voice verification; it's voice recognition. It's a totally different issue. We're talking about verification of the fact that my voice print or your voice print has been recorded and that there's a one-to-one match between you and your voice. It's not one to many, which is what many other biometrics do, and that's a deficit. Mr. Williams can speak to this more eloquently than I as a criminology professor can.

    One other thing I'd like to say is that we've been working on voice verification for over ten years, way before it became fashionable for the security industry to get involved for partisan reasons.

    I hope I've attempted to answer your question.

º  (1625)  

[Translation]

    Ms. Madeleine Dalphond-Guiral: One thing worries me about this whole matter. The minister has given the committee free rein and as I see it, this comes with considerable responsibility.

    In my opinion, the general public is ill informed about the potential consequences of a national ID card. I would like the three witnesses to tell me what steps should be taken to ensure the public harbours no illusions about their safety—because it's tempting to make these kinds of promises—and that people are properly informed.

    How should we proceed? The witnesses that we have heard from are already well informed. For example, you don't need any more information. Your position is already clear. However, we need to find a way to get accurate information out to the more than 30 million Canadian citizens.

    Mr. Dominique Peschard: There's no denying the need for a public debate on this matter, among other things, in the newspapers, and for keeping the public informed about every aspect of this question, not just about technical details. Concepts must be popularized up to a certain point so that people understand everything that's at stake. They have to know precisely what is meant by digital, by physical features, by biometrics and so forth. They have to know how accurate the system truly is.

    Articles that have been published on the subject reflect the divergent views of the industry, that is of the people who market these systems and the independent tests that have been done. For example, in our brief, we refer to tests done by the Pentagon of the system that is based on the iris scan. We also need to take into consideration the context and possible implications. I don't see how this debate can be avoided.

    Also, as Mr. Williams noted, there is no one quick fix for all security problems. It's one thing to ensure secure banking, driver's licensing and identity card systems. Terrorism, on the other hand, is a very unique phenomenon. It's important to be frank with people and to admit that there is no single solution. While some disagreements may exist, everyone can agree with that statement. Efforts will always be made to fight crime by reacting to events and by improving response measures. The struggle is never-ending. The idea of absolute security or justice is a reflection of the totalitarian vision of the ideal society. We need to accept the fact that democracy means compromising between security requirements and the need to maintain certain democratic processes.

    In our estimation, the balance is shifting heavily toward the need for security, at the expense of democratic requirements. Nevertheless, it's important to take the time to debate this issue, because there are no simple solutions.

    Ms. Madeleine Dalphond-Guiral: You'll agree with me that people aren't reading as much these days. Therefore, it's hard to imagine a genuine awareness campaign without television, a popular medium, and the kind of investment this would require.

    Would the Canadian government be prepared to spend the necessary funds on such a campaign? The answer isn't clear. Substantial sums of money were spent on programs such as Canadian Idol and Star Académie, but the return on the investment was substantial. The benefits of the proposed ID card aren't quite so apparent, to my mind. I'd greatly appreciate hearing your views on the subject.

º  (1630)  

[English]

    The Chair: Did you want a strategy?

    Now, mind you, I think the Government of Canada would be more than happy to invest in Madeleine's creating a national ID show to see how many viewers she could attract to the program. I'd watch it, there's no doubt about it.

    Mr. Williams.

    Mr. Ian Williams: Mr. Chair, it's funny that you should mention that. Actually, last week it was announced in the United States that a gentleman called Steven Brill, who has developed shows like Court TV, has just launched a VID card, which he's selling publicly in the United States. Because of the Homeland Security Act, private firms have access to the U.S. government's terrorist databases. He's selling an ID card to private residents for $50--I think there's a $10 annual fee--and it's basically an “I'm not a terrorist” card.

    The Chair: Only in the United States.

    Mr. Ian Williams: It's because the United States government is not taking steps to issue a national identity card, as I mentioned earlier.

    But I would like to address one of the questions you asked earlier. I'm an advocate of biometrics. It can improve the process, and I've used it in many systems. But the one thing I think is confusing to Canadians is that they don't understand the difference between verification and identification, and there's a huge difference. When you watch Mission Impossible and you see Tom Cruise having his iris scanned and it opens a door for him, that's verification. It's only measuring Tom Cruise against a stored template; it's not looking through the database of millions and saying, let's find Tom Cruise. That's the difference. That's identification. I think that's where Canadians' perception of privacy invasion comes from.

    Credit card companies would be well advised to start putting a biometric on ATM cards. I can't lose that; it's something I am. It's a behavioural or a physiological characteristic I will take to my grave. I can forget a password, I forget my PIN every day, but I can't forget my biometric, and I can perform a one-to-one match.

    Identification is when you look for duplicates in a database, and biometrics can also prevent you from having duplicates. People who hold multiple passports are a perfect example. The business of identification always used to address duplication because people were getting their drivers' licences suspended and needed another driver's licence, so they were coming in with disguises. Now it's not so much for getting a driver's licence as it is for getting a form of ID.

    I think that's the communication you need to get across to Canadians, to help them understand the difference between verification and identification.

    I'm an advocate of verification. I want my identity protected from theft, and I would sign up. But if I didn't see measures and procedures in place to protect my data from theft, abuse, misuse, or intergovernmental transfer, I would be opposed to a system.

    I worked on the first biometric public sector system in Canada, which was designed to prevent recipients of welfare from using multiple identities to collect extra welfare. It was the metropolitan Toronto client identification and benefit system, and I was the solution architect for that in 1995. The system was approved by the Ontario privacy commissioner, and we crafted legislation, Bill 142. However, Bill 142 basically states that if you provide biometric data, it can only be used to measure your eligibility for the purposes for which it's provided.

    I think the Canadian Government would be wise to put some kind of legislation or policy in place saying, if I give my biometric data for a national identity card, it can only be measured and used for that. It's not going to be shared with CSIS, the RCMP, INTERPOL, or anybody else; that's all it's to be used for. It's difficult, but I think, until you put something like that in place, you're going to have people who are going to be opposed.

    Anyway, I hope I've answered some of your questions.

    Dr. Tony J. Juliani: I'd also like to address the honourable member. This cost is being shared by the private sector, and let me give you an example. We are working now with banks that will be offering this service free of charge to their members. Why? Because the private sector, the banks in particular, will save hundreds of millions of dollars by reducing the number of fraudulent cards. They've already made this decision. So as the private sector offers this service and it becomes part and parcel of the system, the Government of Canada will not need to spend billions of dollars.

    This is a little bit different. I know it's an innovative concept. As a matter of fact, I will announce today that IDVoiceBank, Inc. is working with and will offer free of charge our service to law enforcement agencies that are working specifically in terms of retrieving missing children. The reason missing children are important to us--I as a criminologist have always found this important, and I've been working with them for many years--is that most of the missing children are runaways. There are about 50,000 to 60,000 missing children in Canada annually, but they're mostly runaways, and we want to get them back home. If there is to be a system of identifying them, this is the easiest one. We will be working with law enforcement and we will give this system away.

    The reason we will give it away is that we want to be a good corporate citizen, but it's also because it is cost-effective. Let me give you an example. To replace a password at the bank when you lose your card, for them to do that process, it's an average of $150 to replace one password. Most of us misplace the password. For them to use the biometric they will be using, it will cost them $10, so it's cheaper for the bank to give the $10 away to the customer rather than have to take the hit every time the password is reset. That's just one area.

    In essence, there--

º  (1635)  

    The Chair: We have to move on.

    Roch, just answer quickly. I like this kind of format of debate and everything else, but I do have other questions that have to be posed.

    Mr. Roch Tassé: The issue of verification versus identification is a key one. But then, when we bring this back into what the rationale is for us to start a debate in Canada around an ID card, it's probably to respond to U.S pressures after September 11. The issue is border security, and we know that the U.S interest in this issue is not verification; it is identification. They want to access data banks.

    So to be honest with Canadians, if we have a debate, we have to tell Canadians that the ultimate goal here is really access to data, not merely verification. If we stop at verification, we are lying to the Canadian public. We really have to reveal what's behind this debate to the full extent, and it is really identification and access to data banks; that is the U.S interest in this issue.

    The Chair: The only debate that's occurring in this country is right here, right now, and by this committee. That's good because we've been asked to do it, and that's exactly what we intend to do, hear from people like you who are prepared to give us your insight and your opinions, because at the end of the day, that's what it's all about.

    Ivan and then Inky.

    Mr. Ivan Grose (Oshawa, Lib.): Thank you, Mr. Chair.

    Mr. Juliani, I was not here for the start of your presentation. Unfortunately, I was gainfully employed elsewhere, but I did hear enough to pique my interest. You can answer yes or no to the two or three questions, and then I'll get up to speed. I'm quick that way.

    You're talking about using a voice print as a means of verification or identification--I don't care--yes?

    Dr. Tony J. Juliani: Yes.

    Mr. Ivan Grose: Thirty million people in Canada each have a different voice print?

    Dr. Tony J. Juliani: Yes, and those 30 million people have 30 million different sets of fingerprints as well.

    Mr. Ivan Grose: Well, that's been disproven lately. Fingerprints aren't as reliable as we thought they were.

    In any case, is there going to be any other kind of auxiliary identification along with this? Are you going to have a card as well?

    Dr. Tony J. Juliani: What we're proposing is to use voice verification in addition to whatever other systems are in place. For example--

    Mr. Ivan Grose: Fine. Thank you very much.

    Now, you're going to have a machine that is going to identify this voice print.

    Dr. Tony J. Juliani: No, there are no additional machines. It's the telephone that's connected to our data bank.

    Mr. Ivan Grose: Suppose someone steals the data bank.

    Dr. Tony J. Juliani: What are they going to do with it? It's one-to-one data. Mr. Williams said something extremely important--

    Mr. Ivan Grose: Well, that's been proven once, hasn't it? If they had it, why couldn't the voice prints be copied?

    Dr. Tony J. Juliani: The logarithms would not allow that. The technology would not allow that. Let me just--

    Mr. Ivan Grose: Oh, I've heard that before: the technology will not allow something.

    Dr. Tony J. Juliani: All we're really doing, sir, is that when you go to the bank and you apply for a loan--

    Mr. Ivan Grose: No, forget the bank. We're talking about an identification system for all Canadians.

    Dr. Tony J. Juliani: The voice biometrics can be used to supplement whatever system, including an ID card, if that is selected. The passport can be strengthened and the ID card, if it is selected, can be strengthened using biometrics. This is what we're saying.

º  (1640)  

    Mr. Ivan Grose: So you and Mr. Williams could work very well together.

    Dr. Tony J. Juliani: Certainly.

    The Chair: On a technical question, can I just ask you this, Tony? You're talking about a system of voice identification or verification as a means to try to identify Canadians or anybody else in whatever. The fact is, as you said, it's a system; all of those voice patterns, including mine and everybody else's, would have to be in place. So you would have to ask every Canadian to enrol so they could in fact be matched to a voice.

    Dr. Tony J. Juliani: Yes.

    The Chair: Second, I'm just wondering, on a daily basis--and perhaps some of you could tell us--if a million calls come into the verification system, there isn't a system in the world that can handle a million calls in an instant. It has to be able to identify Joe Fontana's, Ben's, Bill's, and everybody else's voice at a given moment of the day. Everybody would try to get verification because it's transaction-based and so on. There isn't a system in the world that can take that kind of load.

    Dr. Tony J. Juliani: No, but a million a minute coming in is unrealistic too.

    The Chair: Well, say 100,000 or 200,000.

    Dr. Tony J. Juliani: Yes, it can handle those numbers, and I'll just answer your question in terms of the database. If we were to use it in Canada, one of our key partners...because enrolment, as Mr. Williams said, is extremely important. Do you really know that person is that person at the time of enrolment? That is the key.

    The Chair: Inky.

    Mr. Inky Mark (Dauphin—Swan River, PC): Thank you, Mr. Chairman.

    Mr. Ivan Grose: I can speak to that as well. I used to work for the telephone company. For every 500 telephones, there was only one line finder because only one telephone in a thousand was in use at any one time. But there came times when everyone lifted up their telephone and no one got anywhere. So that is not a very good answer, that, but I'm still intrigued by the system, and I think one day we'll probably do something like that.

    Mr. Williams, you gave us an example, the Ontario health card. Why didn't the system, the machine, or something go “tilt” when it got two million cards extra?

    Actually, it has two million and one because I still have an old plastic one that's all cracked.

    Mr. Ian Williams: Can someone tell me today how many identities there are supposed to be in Canada? How many people were actually born here, how many immigrants landed today, how many people have died today, and how many people have been born today? Until you can account for every eligible identity in a country, you can't ever control an identification process.

    You need one government agency that controls births, deaths, and marriages that at least has some coordination in that, or you'll never know how many people exist. The census data is usually 10 years old by the time you get a copy of it. You don't know. Quite frankly, nobody knows how many people are supposed to be here or are here.

    The Chair: We can guess. When you say “are here”, you're right.

    I'll come back to you. I have some interesting questions.

    Go ahead, Inky.

    Mr. Inky Mark: Thank you, Mr. Chairman.

    Welcome, witnesses. You bring a lot of different points of view.

    One thing you stated that's very important is that this country really needs a debate. The problem right now, as I see it, is that it's confusing. We really don't know whether we're talking about mandatory ID cards. You've heard that before. What's an ID card? Now we're talking about verification versus identification.

    I know the intent is driven post-September 11. Perhaps my first comment to the civil liberties people is that it's already happened; the transfer of information to the Americans has already happened. I was at a subcommittee studying marijuana. The RCMP were there, and we learned our CPIC system is already open across our border. In fact, it's being opened to our neighbours on the other side even before our own immigration officers can use it. They have to have permission to use the system.

    The concern already brought up this week was, how do you change information when changes need to be made? It's impossible. We don't even know what happens to the information once it's taken off CPIC. It's just information, and it shouldn't make you guilty of anything. It's just more information to help the police system work.

    So it's already happened, and that's one of the fears I had as well. I believe a national compulsory ID system is really a slippery slope. This committee made a report that showed Europeans have a different attitude than North Americans do. Culturally, we're very different. Maybe we trust our government less than the Europeans trust theirs, but the Europeans take economic approaches. We've already heard today about the economics of IDs and bank cards, and I think it's coming. There's no doubt it's going to happen.

    The target of all of this will be law-abiding people even though the intent is to catch the lawbreakers. Do you have any idea of the percentage of lawbreakers out there it's supposed to catch? It's sort of like making everybody do something only because one or two are going to be rotten apples.

º  (1645)  

    The Chair: That's a good question for everybody. How do we catch the bad guys? That's what he's saying.

    Mr. Dominique Peschard: The question is, what is the definition of a bad guy? In other words, if you smoked pot when you were 20 years old, you were caught, and you paid your fine or whatever, are you still a bad guy 20 years later when you want to cross the border?

    There are serious criminal activities with criminal gangs, terrorists, and big-scale fraud artists. Then there is small-time crime, which someone may commit at one point in his life and which he pays for. Then the page should be turned, and he shouldn't be held accountable for that for the rest of his life.

    One of the problems with these databases--that's what people are experiencing at the American border, and it could become more and more widespread--is that whatever you've done in your life is held against you for the rest of your life. That's chilling from the point of view of democracy. In fact, once that sinks into the consciousness, people will be afraid of doing.... If I go to a demonstration, get arrested, and get a police record, that means I can't travel any more. So maybe I shouldn't go to the demonstration. Maybe I shouldn't voice my opinion so much because at some point it will appear in some kind of file. That's our big preoccupation.

    Mr. Inky Mark: That's already happening, because the RCMP gave an example this week of where someone crosses the border and their name comes up; it's on a pedophile list. Now, you're the wrong guy, but you have the same name, and the state trooper adds it to his database. As you travel to Florida, another policeman enters the American data system, and you're stopped again. It just continues, and the biggest problem they're finding now is, how do you get rid of that bad information? It's really a problem.

    The Chair: Mr. Williams, on the same question.

    Mr. Ian Williams: How do we capture the bad guys? Every ID system I've worked on has to have one set of policies for enrolment verification and documentation. It's unfortunate that the general populace normally has to abide by the same stringent rules or regulations, but it is the only way; it has to be uniformly applied.

    There are the CANPASS and NEXUS programs. I was an enrollee when I worked on the INSPASS program. It got me across the States in minutes. I used my hand geometry. The new ones use iris scan and some facial geometry. Those voluntary programs are great. I can get over, and I'll sign up for those because I have no fear of being identified as a bad guy. Bad guys won't enrol in those programs.

    I've recommended to some governments who've wanted to implement biometric enhancements that they do it on a voluntary basis. In certain applications, if I don't want my identity to be stolen, I'll even pay an extra $20. Give me the card if that's going to protect my identity from being stolen, because to me that's a bigger invasion than perhaps sharing a minutiae template or an iris template.

    For public sector programs, though, national ID cards would have to be mandatory. Otherwise, there'd be loopholes, and all the regulations would have to apply uniformly to every citizen.

    Dr. Tony J. Juliani: I'll use the analogy of a fishermen. If you go fishing and you throw a net, your choice of net depends on what type of fish you want to catch: the smaller the fish, the smaller the net. I go back to the issue of an integrated system, one that facilitates, supports, and integrates what we have. We have very good systems, and we have very good documentation. Sure, they're not perfect. As has been said, no system is going to resolve all the problems, but the multiple layers available to us will allow us to tighten that fish net as much as we possibly can.

    Are we always going to get every little fish? Of course not. It's unrealistic.

º  (1650)  

    The Chair: If I could, I'll ask some questions, and then we'll have a last round.

    Dominique, you're absolutely right. There's no doubt that the debate and the biggest challenge to this committee are centred on the question of balance between privacy and security. Therefore, when a citizen or the state is in need of something such as securing itself against identity theft by criminals or terrorists, somebody is going to have to give up something. Essentially, the pendulum has to swing: how much of their freedoms and their privacy are people prepared to give up for the greater good, the security of the country and the person through a secure ID system?

    Based on your submission today, I'd say you think that obviously the balance is moving more toward security while privacy is being left out there. Where is the proper balance? Is our system presently, in terms of identification...?

    In a funny sort of way, it is true that there is no one system that identifies who you are and who I am. There are a multiplicity of things that can actually verify who you are. Is that how privacy is best protected, or is in fact privacy best protected by virtue of introducing a biometric system that says you are who you say you are, so no one else can steal that or take that away from you? I'm trying to find out from you how to best protect privacy within this world of technology, databases, and so on.

    Mr. Dominique Peschard: Biometrics is far from being infallible, according to the independent tests that have been done. We give one example in our brief of a Japanese professor who easily picked up a fingerprint off a glass, made a gelatin finger, and was able to fool a machine. The technology is such that big-time criminals will invest the necessary time, money, and effort to fool the system, so I don't think the solution is in technology as such.

    Every problem has to be dealt with. Essentially, banks have to have a more secure way of accessing their files. Maybe if we can improve the way birth certificates are kept, well, that has to be done and so on. It's like counterfeit money; we will have to make documents that are harder to reproduce, and as criminals find ways of reproducing them, we'll change the documents and make them harder to reproduce. I don't think we'll ever have an answer to such a complex question.

    I think the security threat has been blown out of proportion, because how many people have died in a terrorist act since 9/11 in North America? None since the anthrax affair. Terrorism is used as a justification for many things these days, and the criminality we now face in terms of fraud and everything else existed before. As technology develops, people will find ways to foil the technology for criminal purposes, the people who develop the technology will have to find countermeasures, and so on. It's like fighting viruses on computers; it's a continual battle and we just have to live with that.

    The Chair: Mr. Williams, obviously you have a tremendous amount of experience and expertise. You seem to have put your faith in documents such as the driver's licence, something we can standardize, and so on and so forth. It has become, I suppose, a de facto ID card, much like the SIN number. I know that different provinces are looking at introducing biometrics into it, because essentially, the driver's licence has a number but it also has a photograph. It's a very high-tech card, one that is supposed to be a little harder to duplicate.

    My question concerns the foundation documents, because that's where everything starts. We've heard an awful lot to the effect that the foundation documents are not as secure as they could be. If you want to design a system and/or make sure you have a good system, you have to go back to the very beginning, that foundation document, be it a birth certificate or a citizenship application, because everything else evolves from there. Are you of the opinion that if in fact we are to embark on improving ID systems for whatever it is, the foundation document itself has to be improved? Then, should biometrics be included in a foundation document?

º  (1655)  

    Mr. Ian Williams: You've hit the nail right on the head, but it would be difficult to go for biometrics on a newborn in a country far away, one Canada has no sovereignty over. Myself, I'm an immigrant to Canada, and my birth certificate is a hand-written document. When I presented that for eligibility or as a measurement of my identification when I first came here to get a driver's licence, it was accepted. The lady who accepted it had never seen a birth certificate from that country before, let alone a hand-written one, but she just believed it to be genuine.

    That's the issue the United States faced as well, how do they verify all these breeder documents? In North America alone we have 300 variations of the driver's licence, and we can't control what they look like. Compound that with the fact that every North American jurisdiction, including every province, has reciprocity agreements with foreign nations. Quebec has one with Belgium, and Manitoba has just entered into one with South Korea. People travelling from South Korea can land in Manitoba and directly exchange their South Korean driver's licence for a Manitoba driver's licence. Reciprocity arrangements within North America will then allow them to go to Alberta and get a new secure document very much like the PRC document, or they can go down to New York and get a New York driver's licence. Those reciprocity arrangements exist.

    Where do we start? Yes, we have to beef things up. We have to train people at the front line enrolment stations in what's called “fraudulent document recognition”. The RCMP are involved as well as many authorities in the United States. People who are on the front lines, people who issue birth certificates, drivers' licences, or health care cards, have to be trained in how to identify fraudulent breeder documents. Then if somebody hands you a birth certificate, it's very easy to tell if it's 35 years old or 3 days old.

    The Chair: That means introducing the human aspect back into the system, and that would be intriguing.

    Can I ask you this, though? What happens to anybody who can't get a driver's licence? What do they use for identification?

    Mr. Ian Williams: Newfoundland and the Province of Alberta issue provincial ID cards, and soon the Province of Manitoba will too. Those are for people who are not eligible to get a driver's licence but require a piece of photo ID.

    The Chair: Finally, Mr. Juliani, I think this is the first time we've heard about voice as a way of identifying someone. We've heard of voice verification or identification systems, but not necessarily as part of a national ID system, so it's unique.

    I'm having trouble with something, and let me give you an example. We're supposed to know so much about bin Laden, but every time he shows up and talks on tape, neither the CIA, the FBI, nor anybody else can detect whether it's him. They don't know. Surely to God, we must have had a voice print from this guy, so when he issues a tape.... I mean, the best in the world can't tell us whether it is bin Laden or not.

    Now, you're an expert in voice. Are we just being sold a bill of goods, or do they know and just don't want to say? Surely, if you say that everyone has a unique voice print, one that isn't duplicated anywhere else in the six billion people in the world...what do you think? You're asking us to have some faith in technology, and we understand there is no foolproof technology. The false positives and false negatives, even with irises, a fingerprint, two fingerprints...put three biometric identifiers on a card and people will tell you that you still can't get 100% certainty.

    Dr. Tony J. Juliani: What I'm saying is--and I go back to your original question to Mr. Williams--we can enhance the integrity of the foundation documents with existing technology, because that's the point of departure. You have to start from square one, so you make the foundation documents as secure as possible. But to ignore technology because we are ignorant of it is really something we should not allow ourselves to do, whether it's for voice or any of the other biometrics.

»  (1700)  

    The Chair: Grant, you have the last question.

    Mr. Grant McNally: I just want to focus again on the foundation documents, because that seems to be the key. If we don't get that right, we're fooling ourselves. Mr. Williams, you recommended we go there--

    Mr. Ian Williams: Yes.

    Mr. Grant McNally: --and said that was the answer.

    My last question to each of you would be, do you think we're on the right track with this national identity card, yes or no?

    The Chair: What track is that?

    Mr. Grant McNally: Should we be going down this road? Does the minister have it right? Should we be issuing a national identity card?

    Dr. Tony J. Juliani: If I could, I'll address that. We should have a system in place where all Canadians can identify themselves and have confidence in the system, whether through an ID card or an integrated system, but at least give Canadians the opportunity to feel the system is integral.

    The Chair: Mr. Williams.

    Mr. Ian Williams: No, I don't think we should. I think the national identity card will encounter the same problems that exist in the current Canadian identification programs. I can, probably within a day, have a baptismal certificate and a driver's licence, and then I'll make application for a new national identity card, which I'll get. Am I getting it under my true identity? Probably not. You'll have the same problems as with the existing systems.

    Mr. Dominique Peschard: I share the opinion that you shouldn't pursue anything in that direction for the reason that it won't solve the problem it pretends to solve. Meanwhile, it can lead us further down the road towards the erosion of our freedoms and liberties.

    The Chair: On that note, thank you very much. That's why we're having this debate, because it is a very important issue. I want to thank each and every one of you for your time and for your experience and expertise. They're very much appreciated as we continue to debate what is a very important issue for all of us. Merci beaucoup. Thank you.

    The meeting is adjourned.