All products featured on WIRED are independently selected by our editors. However, we may receive compensation from retailers and/or from purchases of products through these links.
In the early hours of August 30, 2017, Myanmar government forces surrounded the village of Tula Toli. The village was home to a small community of ethnic Rohingya, a persecuted Muslim minority in Myanmar. Around 08:00, soldiers began setting fire to the outlying houses.
As the terrified villagers tried to flee, they were rounded up and taken to the beach of a nearby river. There, the soldiers separated the men from the women and children, and killed them with knives and machetes. Once they were finished, survivors recalled, the soldiers dug a hole, put the bodies inside, then used leaves and bamboo to start a fire. They threw in grenades, before covering the mass grave with sand. The massacre took hours. Afterwards, the killers turned to women and girls.
The soldiers violently raped the women and girls, beat them unconscious, then locked them inside their houses, before setting them on fire. Many burned to death. Some were shot. But as the houses went up, some women regained consciousness, and managed to break out and escape. Thus began the long flight of the Tula Toli refugees.
Since August, when the Myanmar government began its brutal ethnic cleansing campaign, over 688,000 Rohingya Muslims have escaped over the border to Bangladesh. The refugees have gathered in camps in a border area known as Cox’s Bazar, where the sheer scale of the crisis threatens to overwhelm the local authorities.
Humanitarian organisations, including the United Nations High Commissioner for Refugees, have been working with the Bangladeshi government to coordinate everything from food distribution to treating the wounded. In order to make this immense effort easier, they have been using a new system of biometric identification.
UNHCR and the Bangladeshi government register every refugee over the age of five, collecting fingerprints and photographs. Refugees are only able to receive aid after being enrolled in the database.
The Rohingya are fleeing violence and persecution on the basis of their identities. Now their most intimate information is being collected and stored in a database over which they have no control. Instead, the power lies with humanitarian agencies – and, worryingly, with the Bangladeshi government.
Just months after they barely escaped with their lives, the Bangladeshi government is in negotiations with the Myanmar government to send the refugees back – despite evidence that Myanmar is continuing to burn Rohingya villages, bulldozing mass graves to hide the evidence and refusing to allow UN human rights investigators to enter the area. UN Special Envoy on Human Rights Yanghee Lee said in February that the situation has “the hallmarks of a genocide.”
Sending the Rohingya, and all their data, back to Myanmar places their lives in great peril. For the agencies charged with protecting some of the world’s most vulnerable people, the case also raises a deep dilemma – is collecting biometric data always in the best interests of refugees themselves? And if not, should the data be collected in the first place?
For UNHCR, biometric technologies seemed like a clear solution to one of its biggest problems: identifying each of the millions of refugees and internally displaced people around the world. Many of the millions of people fleeing wars or disaster zones weren’t able to bring identity documents, or else they lost them during the journey. Distributing food and aid to so many people is a complicated task. UNHCR wanted to be able to verify who it had helped, and who it hadn’t.
“Most elements of UNHCR’s programme delivery depend on identity data, from initial registration, to provision of assistance, to protection interventions, and eventual solutions,” says UNHCR spokesperson Cécile Pouilly.
Since the Biometric Identity Management System, as it is known, made its debut in Malawi in 2013, it has expanded to cover more than 200 locations across 43 countries, including India, Thailand and the Democratic Republic of Congo.
Of the more than 22.5 million refugees believed to be spread across the world, almost 20 per cent are registered. That’s 4.4 million adults and children over the age of five.
UNHCR doesn’t just register refugees; it continues to collect data on them each time a refugee comes into contact with UNHCR's services.
“With each contact, including protection intervention, document renewal, assistance delivery, interview to determine refugee status and assessment of solutions, UNHCR builds the identity data held, and cross-checks and confirms previous elements," says Pouilly.
“UNHCR often has detailed knowledge of given individuals spanning years or decades, and with biometrics, those identities can be recognised across any UNHCR location.”
For human rights advocates, this is a worry. Collecting, storing and using personally identifying information about refugees – which, by its very nature, cannot be changed – could post life-threatening risks if it falls into the wrong hands, whether through data sharing agreements, leaks or criminal hacking.
Such is the level of concern that, in 2015, Oxfam voluntarily imposed a moratorium on the use of biometrics in its work. “Given the number of unknowns around most effective operation and governance models and risks of this incredibly sensitive data falling into the wrong hands, we felt it was best not to become an early adopter,” says Anna Kondakhchyan, ICT in programme humanitarian adviser with Oxfam.
But UNHCR is committed to its biometrics programme – and indeed is rapidly expanding it, with the aim of making it active in 75 countries by 2020. By that point, it will be among the biggest multinational biometric programmes in the world.
To give genuine, informed consent for biometric data collection, two things are necessary. First, the person has to have all the information they need to understand what they are committing to. Second, they need to be able to choose freely. For refugees, this is far from straightforward.
A UN internal audit in 2016 found that in four out of five country operations reviewed, the information being given to refugees about the biometric program was insufficient for them to be properly informed. The audit reported that refugees in India, Thailand and the Democratic Republic of Congo were all being told different things about how their data would be handled and shared.
“There was no evidence that the persons of concern were informed of their rights and obligations, for example through the distribution of leaflets or posting of visibility materials in registration sites,” the audit noted.
The ability of refugees in desperate need of aid to refuse consent for their biometric data to be collected is also questionable. A group of Burundian refugees in the Democratic Republic of Congo (DRC) recently refused to allow their biometric data to be collected for religious reasons. As a result, they claim, they no longer receive aid from humanitarian agencies.
The DRC government, which has been widely condemned for human rights abuses, requires refugees to register their fingerprints and iris scans. UNHCR works with DRC authorities to manage over half a million refugees and asylum seekers, including biometric data collection.
“We’ve had no more assistance from humanitarian organisations since January 1, 2018, still less from the (UN) High Commissioner for Refugees," group spokeswoman Francoise Ndayisenga told AFP in January. "We are not going to accept this [database] registration in spite of the difficult existence they want to impose on us as our beliefs forbid it. In order to survive we have to sell what few items we have to local people, such as kitchen utensils, clothes, radios and televisions — even livestock products."
For refugees fleeing violence or persecution, the possibility of biometric data falling into the wrong hands is a very real threat. Criminals, conflict actors and state-sponsored hackers could all have interests in accessing their information, placing their safety and perhaps also the safety of their friends and family still in countries of origin at stake.
“Gathering biometric data requires the institutions that hold this data to maintain an incredibly high level of operational and organisational security – which is not typically what humanitarian agencies are known for, particularly in field situations, where their conditions are tough,” says Zara Rahman, a researcher with The Engine Room, an NGO which supports civil society in using tech and data strategically and responsibly.
An internal UN report on the biometric system in Kenya in 2015 documented some alarming security practices. "UNHCR did not consider it necessary to install encryption tools in the laptops used by the litigation teams and to conduct network penetration tests to ensure laptops and network connectivity are protected against any sort of unauthorized intrusion," the audit found.
“Network intrusion or remote hacking of UNHCR’s system could compromise sensitive information stored in the database. This sensitive information could be accessed remotely by unauthorized persons, endangering UNHCR’s mandate to protect the confidentiality of refugee data.”
Other cases have been documented of crucial servers and devices storing biometric data being kept in easily accessible areas, raising the risks of tampering or data theft. UNHCR has since accepted recommendations to use encryption and improve its security practices.
"UNHCR is aware of the risks associated with the collecting and using of sensitive personal data and works in accordance with the UNHCR Data Protection Policy, recognised industry standards and best practices," Pouilly said in response to questions about how UNHCR manages the risks of biometric data collection.
However, the 2016 audit found that UNHCR staff implementing the biometrics program did not thoroughly know or understand UNHCR’s data protection policies. "All five country operations reviewed during the audit had limited knowledge of the Policy, and/or considered it abstract and difficult to implement due to lack of staff with sufficient technical capacity and political sensitivities," the audit states.
This failure to apply policies in practice has at times lead to refugees’ data being shared where it should not have been. In one case, lists of refugee students who had fled to the Democratic Republic of Congo were shared by UNHCR with the government of the Central African Republic from which the students had fled, potentially putting those people and their families at risk of being targeted. Now, human rights advocates fear the same thing may be about to happen in Myanmar.
For the Rohingya refugees camped in Cox’s Bazar, the ability to flee from the Myanmar security forces just a few months ago meant the difference between life and death. This time, however, fleeing is not an option. The biometric data which humanitarian agencies and the government have been collecting is not only being used to distribute aid to the Rohingya people; it is also being used to control their movements.
In at least two of the camps managed by UNHCR, refugees are not allowed to pass outside of Bangladeshi military and paramilitary checkpoints without an Exit Pass. All refugees are legally confined to the areas designated by the Bangladeshi government, and are not allowed to travel by roads, railways or waterways. Police posts and surveillance points have been set up in key transit hubs to prevent refugees from travelling to other parts of the country, and bus and truck drivers have been told not to accept refugee passengers. The fear for the Rohingya is that this biometrically-enabled control system could be used to send them back to Myanmar.
On November 23, 2017, Myanmar’s government signed an agreement with the Bangladeshi authorities for the return of Rohingya refugees. Two days later, satellites belonging to the NGO Human Rights Watch detected fresh burnings in Rohingya villages.
“The satellite imagery shows what the Burmese army denies: that Rohingya villages continue to be destroyed. Burmese government pledges to ensure the safety of returning Rohingya cannot be taken seriously,” says Brad Adams, Asia director at Human Rights Watch.
But the Bangladeshi authorities appear determined to proceed with plans to return the Rohingya to Myanmar – and the collection of refugees' biometric data helps them swiftly identify any who might manage to slip through the net. Officials from Bangladesh have publicly stated that the biometric registrations will be used to help in sending the Rohingya refugees back to Myanmar.
Other information being collected by Bangladeshi authorities to share with the Myanmar government includes names, gender, birthplace, names of mother and father, date of birth, family relationships, address in Myanmar, professions and a family photo. Bangladeshi authorities have already given lists of at least 8,000 Rohingya refugees to the Myanmar government as a first step.
"The Bangladeshi government have said explicitly that they don't want the Rohingya there, so there are definite worries around what they could do with a biometric database of the Rohingya population," says Rahman.
Biometric identification has enabled UNHCR and its partners to cope with a crisis of enormous scale and speed, as they work to feed, shelter and administer the equivalent of a small city full of traumatised and desperate people which sprang up virtually overnight. But it has created potentially lifelong risks for the Rohingya refugees.
"The potential risks of gathering biometric data are almost too vast to really comprehend," says Rahman. "All of these risks are amplified when it comes to situations like the humanitarian sector, where the power disparities are so great between the agencies, and the people who would be affected most directly by these technologies."
This article was originally published by WIRED UK
