
That's a very interesting perspective! But you must recognize that it's a very abstract approach, no?

I mean, when someone identifies themselves through biometry, there's clearly an element of intent. And if they write down passwords on sticky notes, or anywhere else really, it's about as available as a fingerprint is, if not more.



When someone identifies themselves, yes; what about when we identify others through biometry?

The scene I'm reminded of is the one in Minority Report(?) where the main character is walking through a bank of bio-sensing ad displays, and has to not look at them to make sure they can't identify him from his iris/retinas.

As an analogy, imagine you take a picture of someone at an antifa vs. alt-right protest that turns violent.

All the picture tells you is they were there; it doesn't tell you whether they supported antifa, or supported the alt-right; it doesn't tell you if they were there as a police officer trying to keep the peace, or if they were simply trying to get in the front door of their apartment building when a clash broke out outside.

The biometry reveals their presence - it doesn't reveal their intent.


I was really thinking of biometry as used in a more ordinary situation, like a laptop fingerprint reader. With the most likely form of malicious behavior here being that of identity theft by a small-time attacker. Having to dodge biometric sensors or trying to avoid having your photograph taken at a protest are more an issue of surveillance, either by government or by private citizens.

Sorry for not making myself clear at first, but what I mean is that passwords aren't a sufficient guarantee of intent either. If anyone has access to them, they can spoof someone's identity. I reckon that this doesn't really fit a civil rights discussion, because we haven't (I think) reached such a point yet, but a government-backed attacker might spoof someone's identity in order to either infiltrate or hijack a civil organization. Essentially, a virtual mole.


> I mean, when someone identifies themselves through biometry, there's clearly an element of intent.

If I grab your finger and press it to your device, so that I can access your data, the intent is mine, not yours. Ideally, an auth method works with the intent of the user and only the user. That's his point. You can't grab/cut a passcode out of someone's brain and place it on the scanner.


If a passcode is available in the world, it can be grabbed and intent can be feigned just as well.


> If a passcode is available in the world

Yes, but it only exists in the world during user intent. This isn't the case for an auth method which is entirely based on physically having something within your proximity. If I stand close to you, your auth method is now in my proximity, available for me to use, or possibly even take.



