DNA evidence (posted by Fabien Villard)
Often people ask me why I don’t like the use of DNA and other biological markers as identities. My answer can be expressed in two points:
- Biometric data cannot be repudiated. If your biometrics are compromised you cannot change them like you can do when your personal certificate (or password) is compromised.
- Biometric data are not secret. You expose them every time, when living your normal life. This is especially true for fingerprints and DNA samples.
Danger of point two is linked to the ability to fake biometrics and impersonate someone else. This was already possible for fingerprints and even eye pupil (retina scans can not yet be obtained without a special gear and the will of the victim) but seemed impossible for DNA samples. This no more true:
http://arstechnica.com/science/news/2009/08/dna-samples-used-by-crime-labs-faked-in-research-lab.ars
The problem does not come from the fundamental idea that DNA is uniquely identifying someone but from the process used to determine the DNA print inside a sample. And there is a solution, but it seems costly…