Privacy & Ethical issues in Biometric Systems Francesco Bonadiman [email protected] 5 January 2015 Biometric Identification & Verification Craig Kershaw [email protected]
Jul 15, 2015
Privacy & Ethical issuesin Biometric Systems
Francesco [email protected]
5 January 2015Biometric Identification & Verification
Craig [email protected]
Introduction
- important topic inthe last 15 years
- lots of discussions
- but things haven’t changed so much
- for which reasons?
2
img3.wikia.nocookie.net images.gizmag.com
Biometric systems
- match “live” image with recorded part of the body
- who you are and what you dowhat you know or what you have
3
zvetcobiometrics.com
Biometric technology
- 2000: “barrier between personal data and unauthorized access”
human body→ passport
4
img3.wikia.nocookie.net chatelaine.com
Biometric identifiers5
wikimedia.com
intechopen.comfingerchip.fr
cl.cam.ac.uk
heyce.com
smartinsights.com
thefeetnesscentres.com
Verification
- User claims identity- System verifies- “1 to 1”
- Identifies user out of a database set
- “1 to many” (harder)
Identification6
hitachi.com
Negative connotations
- Privacy rejects Biometrics- Criminality (fingerprints/DNA sampling)
- Culturally undignified?
- Religious Objections
8
mcallen.net
“A piece of yourself”
- Identification → Image is a tool to permit recognition of the body
- Offering this “piece of yourself” objectifies the body
9
Loss of Privacy
- Fundamental privacy interest in control of:- Use of our own image- How/when we are represented to others
- Large number of biometric representations- Loss of privacy
10
Abuse & Misuse
- Violation of right to anonymity- Murphy’s Law → if any technology can be
misused, it will be- Positive identification of a biometric
- Third party gaining access
- Linking it to other information →
Secondary uses without consent
11
Data storage
- Required for Identification- Possible to be stolen- Law Enforcement- Pin-pointing and tracking
- Potential to be linked together → Detailed profile
- Third-party purchase- Direct marketers
12
Extra Information
- Extra, unauthorized information ends up being collected
- People’s age, gender and ethnicity - Emotional state detection, as reflected in their
expressions- Possible to detect medical history
13
Function creep
- ‘Function creep’ is the term used to describe the expansion of a process or system, where data collected for one specific purpose is subsequently used for another unintended or unauthorized purpose
14
unisoncctv.co.uk
Stealing Biometrics
- Possible to fool - Biometrics can be stolen- Duplicates can be made
- Quite complicated
- Biometric characteristics are not secrets
15
rt.com
Other Concerns
- Hygiene of biometric sensors
- Disabilities/Missing biometrics
- Personal image anxiety
- Unwanted identifications
- Witness Protection
16
Convenience
- Less fallible and potentially much faster
- High accuracy- No longer have to
remember passwords- User is present at
time/place of recognition
18
computerhowtoguide.com
Security
- Difficult to copy, share, or distribute
- Security level is equal
- Hard to lose - Cannot be forgotten- One account is no easier to break than another
19
Enhances Privacy?
- Immune from security breaches
- Properly designed and regulated, biometrics can protect privacy
- Gives power back to the individual
20
Conclusions
1. Technology improved but same old issues
2. Foolproof recognition does not exist
3. Fake attacks → serious concern
Deep influence on daily life
22
blog.bio-key.com
Legal perspective
1. Biometrics id’s exchange closely regulated
2. Severe penalties for unauthorized use
3. Authorities surveillance not allowed
4. Vendors should adhere to guidelines
24
Design perspective
1. Storing non-invertible data (hash)
2. Complete control to the individual
3. Multimodal-biometric system as in
http://youtu.be/iOpH6E7T6I0?t=31s
25
References▪ Alterman A., “A piece of yourself”: Ethical issues in biometric identification, Kluwer
Academic Publishers, 2003▪ Prabhakar S., Pankanti S., Jain A., Biometric Recognition: Security and Privacy
Concerns, IEEE, 2003▪ Mordini E., Massari S., Body, Biometrics and Identity, Bioethics, 2008▪ Valenza G. et al., Revealing Real-Time Emotional Responses: a Personalized Assessment
based on Heartbeat Dynamics, Nature.com Scientific Reports, 2014▪ A. Cavoukian, Privacy and Biometrics, Information and Privacy
Commissioner/Ontario, 1999▪ S. Shaikh, C.Dimitriadis, My Fingers are all mine: Five reasons why using biometrics
may not be a good idea, IEEE, 2008▪ http://www.theguardian.com/technology/2014/dec/30/hacker-fakes-german-
ministers-fingerprints-using-photos-of-her-hands▪ http://rt.com/news/218587-hacker-fingerprint-minister-photo ▪ http://news.bbc.co.uk/1/hi/world/asia-pacific/4396831.stm
27