The shortfalls of biometric devices employed by the Pentagon have been exposed in a report which examines the standard of Biometrics Policy for data encryption.
Establishing accountable government standards that oversee legitimate contracts should be in the US’ best interests for national security, Inspector General, Robert P. Storch suggested in his report, titled “Evaluation of the Control and Accountability of DoD Biometric Data Collection Technologies”.
The evaluation also brought to attention that the Department of Defense Office of Inspector General followed the Biometrics Policy in relation to leveraging biometrics devices, however, it did not go far enough to specify the requirements for information security and encryption to standardise all technologies.
Upon handing in biometric devices for disposal, the DoD also failed to provide documented proof that biometric data had been destroyed after use and not held indefinitely in the Pentagon’s data systems, which would be in breach of privacy.
The report condemns the state which it blames for not taking accountability for ‘rogue’ tech providers that can obtain lucrative government contracts without regulations preventing them.
In Storch’s judgement, it is clear he believes the onus should be on the state to establish better standards, and perhaps in the future mandatory certification, to dilute the solutions market and remove untrustworthy technologies.
Allowing dodgy suppliers to win government contracts provisions their access to “sensitive personal information that could jeopardise the safety of both U.S. and partner forces,” IG Storch said.
The report concluded recommendations for the DoD such as revising the DoD Biometrics Policy to include standards for encryption and data protection of biometric devices, in order to become respected data custodians.
The Pentagon accepted other actions to improve sanitization of data records after the necessary retention period.
