The International Biometrics Group BioPrivacy Initiative™ has published an excellent list of privacy concerns as they relate to biometrics:
Personal Privacy. For some people, the use of biometrics is seen as inherently offensive. Being required to verify one’s identity through a finger-scan or voice-scan can be seen as intrusive, impersonal, or mistrustful. These objections to biometrics are based on personal privacy.
[My two-cents: I’m surprised that IBG considers finger-scans and voice-scans to be equally “intrusive.” Voice-scans can be captured via a telephone or microphone in a natural way – speaking.]
Informational Privacy. A more common objection to biometrics is based on informational privacy; how biometric data might be misused, tracked, linked, and otherwise abused. Potential privacy-invasive misuses of biometrics are as follows:
Unnecessary or unauthorized collection – gathering biometric information without the user’s permission or knowledge, or gathering biometric data without explicitly defined purposes
Unauthorized use – using biometric information for purposes other than those for which it was originally acquired
Unauthorized disclosure – sharing or transmitting biometric information without the user’s explicit permission
Unique identifier – using biometric information to track a user across various databases, to link different identities, and to amalgamate personal data for the purposes of surveillance or social control
Improper storage – storing biometric information in logical proximity to personal data such as name, address, social security number
Improper transmission – transmitting biometric information in logical proximity to personal data such as name, address, social security number
Forensic usage – using biometric information to facilitate investigative searches, which may be categorized as unreasonable search and seizure
Function creep – gradually using biometric data for a variety of purposes beyond its original intention and scope
[My two-cents: With the exception of military and law enforcement applications, I believe it is absolutely critical to provide full-disclosure (e.g., how data will be used, stored, etc.) to people who use a biometrics system.]
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment