BIOMETRICS IMPLEMENTATION, ETHICAL AND PRIVACY ISSUES 7
BiometricsImplementation, Ethical and Privacy Issues
BiometricsImplementation, Ethical and Privacy Issues
Thetechnological developments achieved in the last few decades havegreatly threatenedthe security and privacy of personal information. Regardingthe computer and information system security, the use of credentialssuch as passwords hasfailed to uphold the security of personal identifying information.Worse, the detailssuchas age, race, address and financial accounts have become important inmany day-to-day activities, thereby making it impossible to avoidtheir use (Chieh-Heng& Chun-Chieh, 2015).In efforts to protect the personal information fully, differentorganizations have installed biometric systems that strengthenboth the identification and verification processes using uniquepersonal identifying characteristics that embeddedin biological and psychological behaviors (Nappi etal.,2014). However,regardless of the latest developments in the use of biometric systemsand their infrastructures, the safety,and privacy inthe useof individual’s personal information is still risks due tounauthorized access, function creep and misuse of sensitive data.
TheConcepts of BiometricSystems and Application
Biometricsrefers to the methods and tools used in authentication of request toaccess particular privileges a sophisticated security system offers.For instance, the access to government laboratory may requireidentification1and verification2of the person to determine whether the person is legitimate or not(Nappi etal.,2014). Upon successful identification and verification processes, thesystem allowsthe user to enter the lab. Therefore, biometrics works on automatedrecognition of a user according to their behaviors and biologicaltraits.
Theyworkinthe process ofthree steps which involves obtaining individual’s physiologicalcharacteristics achieved through sound or voice sample and imagescanning, creating a templateor identifying attributed from the scanning images, and matching thetemplates with the stored data activities (Chieh-Heng& Chun-Chieh, 2015).The scanning technologies currently used in development and workingof these systems include iris scanning, hand or face geometry,finger- printing and the voice recognition.
Withthese features, biometric systems are accurate in identifyingindividual or users accessing particular services or entry to asecured facility. Consequently, they have gained popularity in areassuch as banks, airports, government facilities, military facilities,medical institutions and currently in universities and researchcenters where security is a priority (Nappi etal., 2014).Also,the latest household items such as safes and mobile phone havefeatures such as fingerprint scanning and voice recognitionintegrated to enhances security. Similarly, the ATMs,computer networks,and smartcardsare equipped with individual’s physical and biological metrics toenhance security.
ThePrivacyand Ethical Issues
However,despite the increased benefits the use of biometrics offer, they posedangers to the individual’s information activities (Chieh-Heng& Chun-Chieh, 2015).Simply put, the identifying information about an individual is proneto abuse and misuse in the ways that threatens their safety andprivacy rights. The third party such as the security officers mayuse the information without consent or even the owner’s knowledge(Gonçalves, and Gameiro, 2014). For instance, personal biometricdata such as fingerprints and smartcardsare useful in trackingbank transactions and travel routes. Also,availability of tools that can duplicate some of the widely usedbiometrics makes owners of particular information subject to policeharassment and victimization. For instance, individual’sfingerprints areoften liftedfrom items such asglassor an office pen. Asa result,a criminalcan use such information to infiltrate security systems. Similarly,someone’s voice can be recorded and later used to trick a securitysystem.
Anotherissue with the use of biometric systems is people’s informationsuch as age, race, and gender can beusedforunintended purposes. While the data stored in this system ispurposely for security reasons, individuals such asresearchers,advertisers,and marketers may use such information totheir advantages (Gonçalves, and Gameiro, 2014). Sometimes, it isthe officers who are entrusted with such systems, whomay sell people`sdetails such as emails and phone numbers to the marketers, therebyfacilitating function creep3(Coetzee, 2013).Such use of information is common in medical settings whereby thedata from patients’ population intended for the studyof particular disease isusedin other research extensions that the data wasnot authorizedfor or consented.
Finally,people have no control of the use of their information in images,facial recognition or voice records stored in these systems. Simplyput, it is not possible for an individual to dictate the time andmethods their information should beused.Once the templates are developed and stored in the system, it is upto the organization or the people owning that system on how theyinformation should be used (Nappi et al., 2014). Consequently, therehas been complainingin America when people finds their photos in use to advertisewebsites or consumer goods online.
TheImpacts of These Issues to Individuals and Organizations
Theprivacy and ethical issues surrounding the biometric systems can haveadverse impacts onboth the individual and the organizations. For instance, employee’sdata can be misused leading to their harassment by criminals(Coetzee, 2013). With the rise of internet communities, onlinebullying has become part of the modern challenges. Also,individual’s financial accounts could be exposed opening the doorsfor robbery and con artistry. Finally, the exposure of individual’smedical information can lead to embarrassment and stigmatization ofpatient’s with terminal diseases.
MeasuresTo Prevent the Biometrics Privacy and Ethical Issues
Currently,various individual and organizations have pointed that biometricsystems should be designed to use data that is stored locally oncards templates insteadofthe common centralized government or organizational database (Pocs,2013). In this case, cases of function creep will reduce since thepeople hosting the biometric system will not be having the dataphysically.Also,the illegal sale of personal data to the advertisers or marketerswill beprevented.
Differentindividual have argued that biometric systems should not be mandatorybut rather optional. Also,the store biometric should be inthe form oftemplates rather than the images. According to Gonçalves, andGameiro (2014), images are easy to manipulate and falsify. Also,templates may be hard to decrypt,unlike images that can be edited using the cheap software.
Inmodern days, biometric systems are designed to allow auditing andoversight protocols that prevent the misuse of information accordingto the Privacy Act of 19744(Gonçalves, & Gameiro, 2014). Also,such protocols prevent or documents every access, use and can detectthe disclosure of sensitive personal information.
Finally,organizations have developed ways to back up the data in thesesystems to prevent failure or unauthorized access topersonal information (Pocs, 2013). In this case, these biometricsystems containa secondary security layout that is useful in case of attacks ortechnical failure.
Inbrief, biometric systems have demonstrated a high level ofinformation security leading to adoption by the organizationin different sectors. However, due to their ability to accommodateeven sensitive personal information, there are privacy and ethicalissues surrounding their implementation. Also,although the modern technology hasavailed measure to address these issues, not all individuals ororganizations can afford both the technology used and theirinfrastructure. In fact, only the government and big corporations canafford, the same entities from which the Americans wish they could tosafeguard their privacy and liberty
Chieh-Heng,K., & Chun-Chieh, Y. (2015). ExploringEmployees` Perception Of Biometric Technology Adoption In Hotels.InternationalJournal of Organizational Innovation,8(2),187-199.
Coetzee,M. (2013). Advancedbiometric technology: Reinforcing security within payment systems.Journalof Payments Strategy & Systems,7(1), 73-89.
Gonçalves,M. E., & Gameiro, M. I. (2014). Does the Centrality of Values inthe Lisbon Treaty Promise More Than It Can Offer? EU BiometricsPolicy as a Case Study. EuropeanLaw Journal,20(1), 21-33. doi:10.1111/eulj.12047
Nappi,M., Piuri, V., Tan, T., & Zhang, D.(2014). Introduction to the Special Section on Biometric Systems andApplications. IEEETransactions on Systems, Man & Cybernetics. Systems,44(11), 1457-1460. doi:10.1109/TSMC.2014.2337851
Pocs,M. (2013). Legallycompatible design of future biometric systems for crime prevention.Innovation: TheEuropean Journal of Social Sciences,26(1/2), 36-56. doi:10.1080/13511610.2013.747659
1 Identification is the act of finding a sample template from templates in the database.
2 Verification- refers to the process of comparing an input template with the information stored in the system’s databases.
3 Function creep- the advance application of collected data other than the primary use leading to the invasion of privacy.
4 Privacy Act of 1974-A US federal law that guides the access, use and sharing of information through establishment of Code of Fair Information Practices.