Vietnam To Collect Biometrics For New ID Cards

Starting in July, the Vietnamese government will begin collecting biometric information from its citizens when issuing new identification cards. The Register reports: Prime minister Pham Minh Chinh instructed the nation's Ministry of Public Security to collect the data in the form of iris scans, voice samples and actual DNA, in accordance with amendments to Vietnam's Law on Citizen Identification. The ID cards are issued to anyone over the age of 14 in Vietnam, and are optional for citizens between the ages of 6 and 14, according to a government news report. Amendments to the Law on Citizen Identification that allow collection of biometrics passed on November 27 of last year.

The law allows recording of blood type among the DNA-related information that will be contained in a national database to be shared across agencies "to perform their functions and tasks." The ministry will work with other parts of the government to integrate the identification system into the national database. [...] Vietnam's future identity cards will incorporate the functions of health insurance cards, social insurance books, driver's licenses, birth certificates, and marriage certificates, as defined by the amendment.

As for how the information will be collected, the amendments state: "Biometric information on DNA and voice is collected when voluntarily provided by the people or the agency conducting criminal proceedings or the agency managing the person to whom administrative measures are applied in the process of settling the case according to their functions and duties whether to solicit assessment or collect biometric information on DNA, people's voices are shared with identity management agencies for updating and adjusting to the identity database."

Commies be commies

[Tablizer]

and dictators be dictators.

Mod parent up!

[Brett Buck]

Beat me to it...

Re:

[nospam007]

All EU countries are required to issue national ID cards that include biometric data—specifically two fingerprints and a facial image of the cardholder—for individuals aged 12 years and older, as part of the Regulation (EU) 2019/1157.

Re:

[Tablizer]

But DNA and voice samples is going too far.

Re:

[nospam007]

'But DNA and voice samples is going too far.'

Ah, I see, you assumed I RTFA, 'I'd say, you must be new here, welcome' but I see from your UID that you're not. :-)

How about doing biometrics the right way?

[ctilsie242]

How about they do biometrics the right way? Collect the data, store it offline, like how BATF 4473 records are stored, with manual record requests if needed of just the relevant data. However, you make some hashes of the biometrics, be it a SHA-256 hash, SHA-512 hash, or even a HMAC with a known key if one wants that SHA goodness with added security.

The hashes can go to online databases, and be used, even put as part of ID cards. This way, the actual biometric info is pretty much unavailable, and if a HMAC system is used with the key part changed every so often, there is no feasible way to take a user's biometric data gained from another source and validate it without knowing the key part of the HMAC.

Re:

[markdavis]

>"How about they do biometrics the right way?"

Is there a right way? The only data that can't be abused is data that is not collected.

And biometric data that *is* collected should be data that is least likely to be abused, like retinal (not iris) scans, handwriting, footprints (not finger/hand), deep vein palm scans, and photos (although that one is already being abused through CCTV). Fingerprint data is already horribly abused, snaring tons of people in wide-nets, since they are left all over the place

Re:

[cusco]

Handwriting identification is absolutely not reliable. Iris scans are, for about 10 years (absent major damage to the eye, of course) before the pattern changes enough to no longer match the original. Retinal scans, besides being very intrusive and requiring more expensive hardware, have a shorter life span before they no longer match.

The biometric systems at the Amazon stores (Whole Foods, Fresh, and Go) use the 'deep vein scan' you mentioned in their palm scanners. Everyone in the physical security pro

Re:

[mobby_6kl]

Is there a right way?

Yes, we do it in Europe, you can get biometric ID or passports and it's fine. Nobody's getting put into FEMA death camps because their iris scans or anything like that.

Re:

[markdavis]

You missed the point.

Just because you think they are doing it right now, and there is no way you can know that for sure, doesn't mean it won't be broken tomorrow. Either by a different government, or hackers. Once the cat is out of the bag, it is over.

Re:

[schwit1]

How about a US law prohibiting biometric collecting, storing or using?

Biometrics is a step towards digital ID.

Re:

[MacMann]

How about a US law prohibiting biometric collecting, storing or using?

Biometrics is a step towards digital ID.

Can you define "biometric" in a way that doesn't exclude photographs? It will be difficult to prove someone is who they claim to be without something to back that up, like a photograph or fingerprint and both of those could be considered "biometric" in some dictionary.

When writing laws the words being used need definitions, and if left undefined then judges hearing a case will grab a dictionary to settle the dispute. If there's a law prohibiting biometric data collection then expect someone to challenge t

Re:

[jenningsthecat]

How about a US law prohibiting biometric collecting, storing or using?

Biometrics is a step towards digital ID.

I think you meant that second sentence as an argument for NOT collecting biometric data. Many people consider that "step towards digital ID" as a feature, not a bug.

Anyone else remember "Red Dawn"?

[MacMann]

How about they do biometrics the right way? Collect the data, store it offline, like how BATF 4473 records are stored, with manual record requests if needed of just the relevant data.

In the 1984 film Red Dawn there was a plot point of the 4473 records being used by those invading the USA to find all the guns in the area. I suspect the inclusion of that plot point was a political statement since it wasn't necessary to set the scene or move the plot. I'm not so sure you want to use the Form 4473 as an example of how to do things the "right way" since the 4473 has been abused before. The Red Dawn example is fictional but it does give an idea on how such abuses played out in real life, j

Re:

[ctilsie242]

Agreed. I didn't intend to digress about how gun ownership data is stored, but how it is stored. Having the data not easily available to be slurped off via a simple rsync or sftp, at the minimum, would bring a lot of security, which is why the biometric data should be stored offline, and only hashes used, or a tokenization system put into place where a fingerprint would hit a central server, match ID info, then that token sent back, where the actual ID info is at least stored in a secure place and not eas

Re:

[ArchieBunker]

Gun owners already pay an organization to maintain a database of ownership, the NRA.

Re:

[cayenne8]

Gun owners already pay an organization to maintain a database of ownership, the NRA.

Err.....what?

Joining or registering with the NRA is not mandatory and most gun owners are not members.

And for the past decade at least..the NRA is not really a viable, valid voice in the 2A community anymore.

There are other 2A organizations that are much better and much more active in protecting 2A rights.

The NRA really is a shell of what it used to be long ago....

Re:

[ctilsie242]

The NRA definitely doesn't maintain an active database of any firearms I own or trade.

I'm sure that with some social media scouring and use of AI, you can find the pro-2A people in the US... but what then? Hard jump from that to knowing who is just pro 2A because their cool friend is, versus the guy buying them cheap and stacking them deep since the 90s.

Re:

[ArchieBunker]

Chances are if you belong to the NRA you also own a gun or three. So the NRA members list doubles as a gun ownership list.

Re:

[cusco]

Have you seen the 2012 remake of 'Red Dawn'? It's unintentionally hilarious, somehow North Korea manages to invade and occupy the West Coast of the US. Amazingly bad, and definitely worth watching while under the influence.

Re:

[MacMann]

Have you seen the 2012 remake of 'Red Dawn'?

No, and I don't plan to. I might watch if I happen across it on TV sometime so it's not like I'm actively avoiding it, I'm just not taking any special effort to look for it.

It's unintentionally hilarious, somehow North Korea manages to invade and occupy the West Coast of the US. Amazingly bad, and definitely worth watching while under the influence.

I did hear it was pretty bad. I recall reading how the Chinese were removed as an antagonist so the film could be shown in China and make more money. Many scenes were already shot which indicated involvement of the Chinese before the decision was made. This meant heavy editing needed to be done, such as digitally altering insignia on

Re:

[cusco]

There was originally a plot?

Re:

[account_deleted]

Comment removed based on user account deletion

Re: Win for the citizens

[PoopMelon]

There is so much wrong with this comment i dont even know where to start

Re:

[bubblyceiling]

I know it scares people. CBDC will mean the end of a lot of shady shit

Re:

[Tablizer]

It almost makes it easier for dictators to hunt down and jail dissidents. Is that worth going without a card?

Re:

[Tablizer]

Correction, "It also makes..."

Re:

[bubblyceiling]

They are already doing that. Plus not like barter is going to go away, like ever. This is only going to work for large scale crimes