Wednesday, 27 February 2008

‘Most Wanted Fugitive’ actually innocent German holidaymaker

It just goes to show how much you can rely on facial recognition software.

A German couple on holiday in the Sicilian resort of Taormina last year were mis-identified as James J Bulger, alleged American crime boss, one of the FBI’s most wanted - and his girlfriend Catherine Grieg.

Fortunately the FBI appear to have adopted a more sensible approach since they had pensioner Derek Bond arrested at gunpoint and clapped in irons whilst on a wine tasting holiday in South Africa. They misidentified him as one Derek Sykes, on their most wanted list. It was days before they even bothered to go look at him. He had to agree to extradition to try and sort it out.

It could have been far worse, he could have been in real trouble as happened to a German businessman in 2005, whilst off on holiday going to Macedonia.

He was allegedly arrested, held captive, flown to Afghanistan and tortured - by U.S. government agents after being mistakenly identified as an associate of one of the 7/11 Hijackers.

Oops! Sorry…

Presumably this is the same vaunted biometric technology to be included in Passports and New Labour’s beloved ID card system and database. The same facial recognition software that was trialled last year as a part of a airport security and hailed as a success.

Knowing it’s going to be there ready to misidentify you as a dangerous gangster, or a terrorist should make you feel so much more secure – doesn’t it?


Surreptitious Evil said...

Actually, and please don't take this as support for the appalling NIR and its bastard child the ID card but ...

Using biometrics to link a claimed identity (i.e. the name that is on your card) to the person presenting that card is, within limits, moderately reliable (moderate = approx 80% to 95% accuracy for people within 'normal' bounds. No idea what 'they' mean by 'normal'.) Oh, but that assumes that the registration and issuing process is perfect and the cards both unforgeable and unalterable.

This is completely different in paradigm, because of the Birthday Paradox, to the use of biometrics (or, in fact, anything) to select (= identify) people from a crowd. That just doesn't work.

CFD Ed said...

Surreptitious, So that means the best they can achieve is that around 5% to 20% of the time it does not work properly - this based on their own tests within unspecified, but presumably limited bounds.

So in real life it will actually be a higher rate of misidentification.

A ball park figure for BAAs UK passenger traffic was around 138.4 million for 2003, even at a 5% failure rate this is 6,920,000 passengers potentially unidentified, or misidentified.

Bad enough the kit not working properly in the UK - imagine being on the wrong end of it cocking up abroad..