The Next Big Data Breach

Peter Swire, who served as the Clinton administration's chief counselor for privacy in the Office of Management and Budget for two years, had a dire warning today for the Senate's Homeland Security and Governmental Affairs Committee: Biometric data, namely fingerprints, is the next security breach waiting to happen. The federal government -- including the FBI, the State Department and the Homeland Security Department's U.S. VISIT program as well as its border agents -- have collected millions of fingerprints. And digital fingerprints are becoming a more acceptable means to identify just about anyone, including using them to gain access to a computer. And the federal government is collecting fingerprints on all government employees and contractors for its new ID badges under Homeland Security Presidential Directive 12. That's a lot of fingerprints.

"It’s not that hard to fake a fingerprint," Swire told the panel. "Google it and you can find a way to fake one for less than 10 bucks."

It's true. A Google search for "fake fingerprint" returns a whole page on how to fake a fingerprint -- even a You Tube video. And most don't even charge for the information.

Swire recommends Congress require agencies to encrypt the fingerprints to protect them from theft.