According to Jacobsen’s book, AABIS aimed to cover 80% of the Afghan population by 2012, or roughly 25 million people. While there is no publicly available information on how many records this database now contains, and neither the contractor managing the database nor officials from the US Department of Defense have responded to requests for comment, a figure does not confirmed from the LinkedIn profile of his US-based company, the program administrator puts it at 8.1 million registrations.
AABIS was widely used in various ways by the previous Afghan government. Applications for government positions and positions in most projects required a biometric verification of the MoI system to ensure that applicants did not have a criminal or terrorist background. Biometric controls were also required for applications for passport, national identification and driver’s license, as well as for registrations for the country’s university entrance exam.
Another database, slightly smaller than AABIS, was connected to the “e-tazkira”, the country’s electronic national identification card. When the government fell, it had approximately 6.2 million applications in process, according to the National Statistics and Information Authority, although it is unclear how many applicants had already submitted biometric data.
Biometrics was also used, or at least publicized, by other government departments. The Independent Electoral Commission used biometric scanners in an attempt to prevent electoral fraud during the 2019 parliamentary elections. with questionable results. In 2020, the Ministry of Industry and Commerce Announced They would collect biometric data from those who were registering new businesses.
Despite the large number of systems, they were never fully connected to each other. TO August 2019 audit for the US found that despite $ 38 million spent to date, APPS had not met many of its goals: biometrics were not yet directly integrated into their personal files, but were linked by biometric number unique. The system also did not connect directly to other computer systems of the Afghan government, such as the Ministry of Finance, which sent salaries. APPS also relied on manual data entry processes, the audit said, leaving room for human error or manipulation.
A global problem
Afghanistan is not the only country adopting biometrics. Many countries are concerned about so-called “ghost beneficiaries”, false identities that are used to illegally collect wages or other funds. Preventing this type of fraud is a common rationale for biometric systems, says Amba Kak, director of global policies and programs at the AI Now institute and a legal expert on biometric systems.
“It is very easy to paint this [APPS] as exceptional, ”says Kak, who co-edited a book on global biometric policies. “It seems to have a lot of continuity with global experiences” around biometrics.
“Biometric identification as the only effective means of legal identification is … flawed and a bit dangerous.”
Amber Kak, IA now
It is widely recognized that having legal identification documents is a right, but “combining biometric identification as the only effective means of legal identification is,” he says, “flawed and a bit dangerous.”
Kak questions whether biometrics, rather than policy fixes, is the correct solution to fraud, adding that it is often “not evidence-based.”
But driven largely by US military objectives and international funding, the deployment of such technologies in Afghanistan has been aggressive. Even if APPS and other databases have not yet reached the level of function for which they were intended, they still contain many terabytes of data on Afghan citizens that the Taliban can extract.
“Mastery of identity”, but who did it?
The growing alarm about biometric devices and databases left behind, and the lots of other facts about everyday life in Afghanistan, has not stopped collecting confidential data from individuals in the two weeks between the Taliban’s entry into Kabul and the official withdrawal of US forces.
This time around, the data is being collected mostly by well-meaning volunteers into insecure Google forms and spreadsheets, highlighting that the lessons on data security have yet to be learned, or should be relearned by all groups involved.
Singh says more attention needs to be paid to the question of what happens to data during conflicts or government collapse. “We don’t take it seriously,” he says, “but we should, especially in these war-torn areas where information can be used to create a lot of havoc.”
Kak, the biometric law researcher, suggests that the best way to protect sensitive data may be that “this kind of [data] the infrastructures … were not built in the first place. “
For Jacobsen, the author and journalist, it is ironic that the Defense Department’s obsession with using data to establish identity can actually help the Taliban achieve their own version of identity dominance. “That would be the fear of what the Taliban are doing,” he says.
Ultimately, some experts say that the fact that the Afghan government’s databases were not very interoperable may actually be a saving grace if the Taliban try to use the data. “I suspect the APPS still aren’t working that well, which is probably a good thing in light of recent events,” Dan Grazier, a veteran with the watchdog group Project on Government Oversight, said by email.
But for those logged into the APPS database, who may now find themselves or their relatives being hunted by the Taliban, it is less irony and more betrayal.
“The Afghan military relied on their international partners, including and led by the United States, to build a system like this,” says one of the people familiar with the system. “And now that database will be used as [new] weapon of the government “.