Biometrics and Privacy: Finding the Perfect Middle Ground
By Bob Eckel, CEO, Aware
Confirming the identification of the world’s most wanted man leaves no margin for error. In fact, when Osama bin Laden was killed in 2011, he was identified through facial recognition, which was later confirmed by DNA analysis. Few would argue this was not a commendable use of biometrics.
Since then, biometric technology has been used in a variety of laudable initiatives designed to keep our country and citizens safe. In the past several years, U.S. Customs and Border Protection (CBP) has had tremendous success with its facial comparison system detecting criminals, terrorists and impostors trying to enter the country by using another person’s identification and travel documents. Most recently, DNA tests have helped determine if children arriving at the southern border do in fact belong to the accompanying adults or are being used as pawns.
Privacy concerns surrounding biometrics may be perceived as a gray area, but we believe the resolution lies in properly designing a system to eliminate the need for compromise. Biometrics are simply too valuable, and yet there are proven ways they can be implemented ethically, in a manner that builds the public’s trust. For instance:
Clear Opt-In/Opt-Out Procedures: Currently, the CBP is using biometrics to scan travelers at 26 seaports and 159 land ports and airports across the country. Complete privacy notices are prominently visible at locations using facial recognition, along with easy-to-understand instructions on how American citizen travelers can simply opt out of the screening. The facial recognition verification process takes less than two seconds for arrivals, and this convenience factor is a prime reason the vast majority of people opt into the system.
The CBP is often highlighted as an example among operators in terms of how to implement biometrics correctly, and this has much to do with their very clear opt-in and opt-out procedures. Everyone is fully informed of their options and as a result, people feel a sense of control.
Privacy by Design – Proper Data Storage, Processing and Protection: People often worry that the collection of biometric data in one central database makes us vulnerable to “the mother of all data breaches.” In reality, there are several easy ways to avoid this. First, an organization deploying biometrics may choose to delete data, such as facial images, within a matter of milliseconds after they are captured, used and no longer needed. In addition, organizations can make sure this data is never shared with third parties or industry partners.
There are other techniques as well, such as the “cancellable biometric” – where a distorted biometric image derived from the original is used for authentication. For example, instead of enrolling with your true finger (or other biometric), the fingerprint is intentionally distorted in a repeatable manner and this new print is used. If, for some reason, your fingerprint is “stolen,” an essentially “new” fingerprint can be issued by simply changing the parameters of the distortion process.
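The repeatable, re-issuable distortion described above can be sketched as follows. This is an added example, not code from the article or from Aware: it uses one published style of cancellable transform (signs of key-seeded random projections, as in BioHashing), and the feature vectors, key names, bit length and threshold are all constructed assumptions.

```python
import hashlib
import random

def cancellable_template(features, key, n_bits=256):
    """Signs of key-seeded random projections: repeatable for one key, unrelated across keys."""
    rng = random.Random(int.from_bytes(hashlib.sha256(key).digest(), "big"))
    bits = []
    for _ in range(n_bits):
        direction = [rng.gauss(0.0, 1.0) for _ in features]
        dot = sum(d * f for d, f in zip(direction, features))
        bits.append(1 if dot >= 0 else 0)
    return bits

def hamming_fraction(a, b):
    """Fraction of bit positions in which two templates differ."""
    return sum(x != y for x, y in zip(a, b)) / len(a)

def matches(probe, enrolled, threshold=0.25):
    """Accept when the distorted templates differ in at most `threshold` of their bits."""
    return hamming_fraction(probe, enrolled) <= threshold

def noisy_capture(features, sigma, seed):
    """Simulate a later capture of the same finger with sensor noise."""
    rng = random.Random(seed)
    return [f + rng.gauss(0.0, sigma) for f in features]

# Constructed sample data: stand-ins for extracted fingerprint feature vectors.
_rng = random.Random(2024)
FINGER = [_rng.gauss(0.0, 1.0) for _ in range(64)]
IMPOSTOR = [_rng.gauss(0.0, 1.0) for _ in range(64)]
OLD_KEY, NEW_KEY = b"distortion-params-v1", b"distortion-params-v2"  # hypothetical

def demo():
    enrolled = cancellable_template(FINGER, OLD_KEY)
    fresh = cancellable_template(noisy_capture(FINGER, 0.1, seed=7), OLD_KEY)
    reissued = cancellable_template(FINGER, NEW_KEY)  # same finger, new parameters
    return {
        "genuine_accepts": matches(fresh, enrolled),
        "impostor_accepts": matches(cancellable_template(IMPOSTOR, OLD_KEY), enrolled),
        # A template stolen before re-issue no longer matches the new enrollment.
        "stolen_template_accepts_after_reissue": matches(enrolled, reissued),
    }

if __name__ == "__main__":
    print(demo())
```

Re-issuing only helps if the distortion key is stored apart from the template database; a design that keeps both together loses the revocation benefit when that store is breached.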
Biometric data can also be stored completely separately from other personally identifiable information (PII), meaning that even if a hacker were able to access the biometric data, without the accompanying PII this data would hold no value. Finally, one of the most groundbreaking new techniques involves breaking biometric templates into anonymized bits and then storing this data in different places throughout a network, making it virtually impossible for a hacker to access complete biometric templates.
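One way to realize the split storage described above, as an added example that is not from the article: the article does not name a method, so this sketch assumes n-of-n XOR secret sharing, where each store holds a piece that is indistinguishable from random on its own, filed under a random record id that carries no PII. The store layout, function names and sample template are constructed.

```python
import secrets
from functools import reduce

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split_template(template, n_stores):
    """n-of-n XOR split: n-1 random pads plus one share that XORs back to the template."""
    if n_stores < 2:
        raise ValueError("need at least two stores to split a template")
    shares = [secrets.token_bytes(len(template)) for _ in range(n_stores - 1)]
    shares.append(reduce(xor_bytes, shares, template))
    return shares

def recombine(shares):
    """XOR all shares together; the result is the template only if every share is present."""
    return reduce(xor_bytes, shares)

def enroll(template, stores):
    """Write one share per store under a random id; the id is not derived from any PII."""
    record_id = secrets.token_hex(16)
    for store, share in zip(stores, split_template(template, len(stores))):
        store[record_id] = share
    return record_id

def load(record_id, stores):
    """Fetch the share from every store and rebuild the template for matching."""
    return recombine([store[record_id] for store in stores])

# Constructed sample: a 32-byte stand-in for a biometric template.
SAMPLE_TEMPLATE = bytes(range(32))

if __name__ == "__main__":
    stores = [{}, {}, {}]  # stand-ins for three separate storage locations
    rid = enroll(SAMPLE_TEMPLATE, stores)
    print("all stores:", load(rid, stores) == SAMPLE_TEMPLATE)
    print("two stores:", load(rid, stores[:2]) == SAMPLE_TEMPLATE)
```

Cutting a template into plain byte ranges would leave each store holding a readable fragment; with the XOR split, anyone holding fewer than all shares learns nothing about the template, at the cost that losing any one store makes the record unrecoverable.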
Eliminating the Potential for Bias: In the area of facial recognition, research has shown that certain biometric algorithms may not be as accurate in matching or distinguishing the facial morphologies of certain minorities – including Asians, Blacks and Native Americans – and genders.
However, facial recognition has come an extremely long way in recent years, driven by advances in machine learning and the availability of massive amounts of data for algorithm training. An algorithm’s accuracy is heavily dependent on the data it’s fed, and today’s leading ones are being trained on more diverse datasets than ever before. According to the most recent evaluation, the top 150 algorithms are over 99 percent accurate across a variety of demographics. Even at these performance levels, we always recommend human involvement in any final decisions made in areas like crime investigation or border security, since in our view people and technology working together represent the strongest combination.
In closing, consider this law enforcement example. In crime investigations, eyewitness misidentifications are the leading cause of wrongful convictions, which are often resolved through DNA exoneration. It’s clear that we can’t afford to do away with the most accurate weapon in our arsenal – the benefits are far too vast. Rather, the key is leveraging the unmatched power of biometrics with the right privacy safeguards indelibly in place.