London Underground cleaners refuse biometric clock-in

A British trade union representing cleaners on the London Underground train service has instructed its members not to use biometric fingerprinting devices to clock in to and out of shifts, calling the measure an attack on civil liberties.

Hamburg Commissioner for Information Protection and Privacy, Professor Dr Johannes Caspar. Source: HmbBfDI.

The London chapter of the National Union of Rail, Maritime and Transport workers (RMT) says it received almost total support for cleaners working for the Danish company ISS to take industrial action "short of strikes" in a ballot.

"We congratulate our members on their determination to resist this draconian attack on civil liberties," the RMT said in its notes to the ballot.

"We instruct our members to take industrial action short of strikes from 00:01 on Thursday 19 September 2013 until further notice, by booking on and off duty using the established method and not using the biometric machines," the union said.

Speaking to the BBC, the communications director for ISS UK, Adam Wurf, denied criticisms that the measures are draconian and infringe on civil liberties.

"It's about making sure we have the right people - verified and trained - in the right place at the right time," Wurf said.

The use of biometric fingerprint sensors for authenticaiton of users is currently being debated around the world, after Apple released it's new iPhone 5S handset featuring a fingerprint reader.

While some recognised experts such as Bruce Schneier say fingerprint authentication is fine as long as it only used to unlock local devices and not for providing access to centralised databases, others disagree and recommend users to stay away from them altogether.

In Germany, a Hamburg official in charge of information protection and privacy, Dr Johannes Caspar, warns in Der Spiegel that fingerprint authentication should not be used as an everyday authentication method as it is a permanent feature of a person and thus cannot be deleted or otherwise altered.

Apple does not store fingerprint data in the cloud, but Caspar said the average user does not have control over what apps on a phone do, or which data they access. 

He added that even before the revelations of the United States National Security Agency (NSA) mass surveillance programs, which involve hacking of handsets to capture data stored on them, entrusting sensitive information to mobile devices was risky.

His advice to users is to follow the principle of data minimisation. 

"If it doesn't have to be there, remove the biometric data, no matter how convenient it might be," he said.