Israel's move points to a radical shift in the control of civilian and private biometric data, especially amid the country’s conflict with Hamas.
The series of altered data permissions are being processed by the Knesset, Israel's legislative body, and take the form of regulatory modifications and legislative memos.
This proposes a scenario where, without judicial resistance, the Israeli military, intelligence agencies and law enforcement could be granted greater surveillance authority.
The Knesset-approved shift in data access is extensive and seeks to overturn previous government resolutions. Central to these changes is the far-reaching access granted to the National Biometric Database (NBD).
The Israeli government claims that the purpose of the database is "to protect the identity of the Israeli citizens and to ensure that every person has only one set of official documentation and one unique identity — the person’s true identity."
But amid the alleged promising use of the database, the retooled regulations mean biometric information can be submitted to security forces for alleged identity verification, provided conditions within the nation are declared a "special situation."
With the Knesset's approval, Israel’s police and security agencies will soon be able to create a derivative of the national biometric database without adequate supervision and protection mechanisms.
The Israel Defense Forces (IDF) and the Israel Security Agency (Shin Bet) will be able to infiltrate private security cameras without needing court approval and without safeguards to prevent possible misuse of information.
Amid the war with Hamas and in the cause of real security needs, the government ministries have also promoted and approved a series of laws, memoranda of law and emergency regulations that could change consolidated orders in a way that can harm the privacy and protection of information of citizens.
These laws and regulations may also result in irreversible situations, all without proper supervision by the judiciary or the Knesset.
The first move involves the National Biometric Database, which stores the facial images, and in some cases fingerprints, of an estimated seven million Israelis.
Early in November, the Knesset approved in the second and third reading, an amendment to the biometric database law that allows the database data to be leveraged to help identify murdered, kidnapped and missing persons.
The law was approved in an expedited procedure one week after the law memorandum on the subject was released to the public. The speed is particularly surprising because it took many years to enact and operate the database. (Related: Netanyahu: Israel to take over “security” in Gaza after the Israel-Hamas war.)
Additionally, the law makes another change in how the database operates and states that the fingerprints, which one year ago were determined to no longer be added to the biometric database, will be stored from now until the expiration of the temporary order.
This change returns to the database information that was previously decided to be no longer necessary for its main purpose, which is verifying a person's identity.
The second move is a memorandum of law promoted by the Ministry of Defense, which seeks to give the IDF and the Shin Bet the power to access, retrieve and delete information from private security cameras connected to the network.
This could be an issue because access to these cameras is often not secure enough, especially since there is no access password or the manufacturer's default password has not been changed. The cameras also tend to overlook public areas or sensitive facilities and can be used by the enemy to gather intelligence.
Together with these two memos, the government is also formulating emergency regulations that will expand the powers of the National Cyber Directorate and give it the authority to issue binding instructions to certain businesses in the event of a cyberattack.
According to the draft regulations, which were revealed last week in Calcalist, the Cyber Directorate, the Shin Bet or Director of Security of the Defense Establishment has the authority to issue binding instructions to certain computer service providers in the event of a cyber attack.
The provider of these services will also be required to report a cyberattack within four hours from the moment it is detected.
The Cyber Directorate claimed that the regulations were not intended to replace the cyber law and that they only apply to one sector.
However, privacy experts have advised that the choice of granting this authority by means of law and not in primary legislation is wrong because this is a broader arrangement concerning other emergency regulations laws that have been passed since the beginning of the war. There is also no reason not to resort to primary legislation since the Knesset is functioning.
The wording of the regulations also gives them a very broad applicability and they may apply to a large number of businesses.
The reporting obligation contained in these regulations is very broad and may create a burden on the Cyber Directorate, which could soon be inundated with requests that it will have difficulty dealing with.
Experts are also concerned about the lack of any oversight by other government entities for this new scope of data access.
With the newly granted access, the national database could eventually be turned into a distinct biometric database not governed by earlier or updated regulations.
Visit PrivacyWatch.news to learn more about the dangers of unrestricted access to biometric data.
Watch the video below to learn how humans can be hacked using biometric data.
This video is from the Thrivetime Show channel on Brighteon.com.