How will biometrics affect our privacy?

Fingerprint scanners are a popular type of biometric system. See more computer accessory pictures.
Fingerprint scanners are a popular type of biometric system. See more computer accessory pictures.
Thinkstock Images/Comstock/Thinkstock

We've all seen movies in which a character has a retinal scan to prove his or her identity before walking into a top-secret installation. That's an example of a biometric system. In general, biometrics is a collection of measures of human physiology and behavior. A biometric system could scan a person's fingerprint or analyze the way he or she types on a keyboard. The purpose of most biometric systems is to authenticate a person's claimed identity.

Biometrics tend to be more convenient than other methods of identity authentication. You might forget your ID at home when you head out the door, but you'll still be able to use biometric devices. Imagine verifying your identity while at the store by swiping your finger across a sensor.

But along with convenience and security comes a concern for privacy. For biometrics to work, there needs to be a database containing the relevant information for each individual authorized by the system. For example, at that top-secret installation, every employee's biometric signature would have to be recorded so that the scanners could verify each person's identity.

This might not present much of a problem on its own. If the only data the system stores relates to the actual biometric measurements, privacy violations are at a minimum. But by their very nature, biometric systems collect more information than just the users' fingerprints, retinal patterns or other biometric data. At a basic level, most systems will record when and where a person is at the time of a scan.

 

I Recognize That Face

Biometric systems with cameras may use facial recognition software or study the way you move to identify you.
Biometric systems with cameras may use facial recognition software or study the way you move to identify you.
Jupiterimages/Comstock/Thinkstock

You might think of fingerprint or retinal scanners when you hear the word biometrics, but the term has a broader definition. Facial recognition technology falls into the biometric category. There are already several cameras on the market that can detect faces. A few are able to recognize and remember a group of faces. You just take a picture of a friend, tag the photo and the camera will automatically tag any future photos of that friend. It's both cool and creepy.

Imagine using this technology in public places to identify the people passing through. For example, a major city might install cameras at high-traffic areas to scan for terrorists or identify criminals. While the motivation for using that technology might be pure, it creates difficult privacy issues. The city would have a record of everyone who passed through that neighborhood. The technology treats everyone as a suspect as if it's only a matter of time before each of us commits a crime.

And what happens if the technology makes a mistake and misidentifies someone? Weather conditions, clothing, hairstyles and even the cleanliness of the lens could affect the ability of the camera to identify people. Critics might ask: Why install a system that's unreliable?

What happens if a person suffers an illness or injury that changes his or her appearance? Such a change could present problems with biometrics. Adjusting the biometric system to accommodate the change could also result in a violation of the user's privacy. The system administrator now knows more details about the user.

A society with pervasive biometric systems would make anonymity a virtual impossibility. Should that society become oppressive or otherwise abusive to the population, the citizens would have few opportunities to react without revealing their own identities.

Groups like the Biometrics Institute are aware of privacy concerns and strive to create processes to limit the chance for biometric applications to violate a person's privacy. Other groups advocate that companies, governments and other organizations conduct a privacy assessment before installing a biometric system. With vigilance and caution, we may find a way to incorporate biometrics into our lives and still maintain our privacy.

Related HowStuffWorks Articles

More Great Links

Sources

  • Abernathy, William and Tien, Lee. "Biometrics: Who's Watching You?" Electronic Frontier Foundation. (March 4, 2010) http://www.eff.org/wp/biometrics-whos-watching-you
  • Biometrics Institute. "Biometrics Institute Privacy Code." (March 4, 2010) http://www.biometricsinstitute.org/displaycommon.cfm?an=1&subarticlenbr=8
  • Brown, Ian. "Privacy, trust and biometrics." Oxford Internet Institute, University of Oxford. (March 4, 2010) http://www.slideshare.net/blogzilla/trust-privacy-and-biometrics
  • Clarke, Roger. "Biometrics and Privacy." Xamax Consultancy Pty Ltd. April 15, 2001. (March 4, 2010) http://www.rogerclarke.com/DV/Biometrics.html
  • Condon, Stephanie. "Govt. biometrics use still raises privacy concerns." CNET. Oct. 8, 2008 (March 4, 2010) http://news.cnet.com/8301-13578_3-10060601-38.html
  • Mordini, Emilio and Massari, Sonia. "Body, Biometrics and Identity." Bioethics. Vol. 22, Issue 9, 2008. pp. 488-498.
  • National Science and Technology Council. "Privacy & Biometrics Building a Conceptual Foundation." (March 4, 2010) http://www.biometrics.gov/docs/privacy.pdf
  • Roy, Saumya. "Biometrics: Security Boon or Busting Privacy?" PC World. Jan. 25, 2002. (March 4, 2010).http://www.pcworld.com/article/81444/biometrics_security_boon_or_busting_privacy.html