Privacy questions still loom over biometrics

Biometric technologies have expanded greatly in the past decade, especially following the Sept. 11, 2001, terrorist attacks, but experts say there are few policies, procedures and laws regarding the collection of biometric identifiers, even as public policy debates have swelled over their use and potential to invade people's privacy.

SEARCH, the National Consortium for Justice Information and Statistics, held a two-day conference on legal and policy implications of biometric use in New York City Nov. 5-6, featuring law enforcement, government, industry, and privacy and civil liberties experts.

Biometric technologies have been around for some time, most notably fingerprinting. However, newer technologies, such as facial recognition and iris and retina scanning, are being considered more and more by many public- and private-sector organizations for verification of identification and authentication.

"What we see today are a lot of pilots, a lot of tests, a lot of demonstrations, and not a lot of deployments," said Robert Belair, SEARCH general counsel.

The events of Sept. 11, 2001, have spurred support for such technologies, said Rebecca Dornbusch, deputy director of the International Biometric Industry Association. However, the federal government's inability to pass this fiscal year's budget is hampering further deployments.

But not all biometric technologies are the same, officials said, and use should be considered carefully. Concerns include invasion of privacy, misuse of databases, surveillance and tracking of people, and the linking of databases to create, in essence, a national identification database, Belair said.

Barry Steinhardt, director of the Technology and Liberty Program for the American Civil Liberties Union, said his group supports the use of reliable biometrics to authenticate access to secure locations, DNA analysis of crime scene evidence and X-rays of air cargo and baggage.

When it comes to facial recognition — where video cameras scan and capture a person's face and then software tries to match it against a database presumably composed of known criminals and/or terrorists — the technology doesn't work, he said, citing uses in Tampa, Fla., and other places. Such "surreptitious surveillance" is a waste of law resources and will be misused, he said.

Wayne Crews, technology policy director at the Cato Institute, a libertarian, market-oriented think tank, said he's less worried about facial recognition as long as incidental data is thrown away or not collected in the first place.

Chris Hoofnagle, legislative council for the Electronic Privacy Information Center, said that industry, the public and the government must address questions of how vulnerable the data is to theft or abuse and limit its use to a certain purpose.

M. Paul Collier, executive director of the Biometric Foundation, a nonprofit group that focuses on research, education and standards, said successful implementation will occur when those installing the technology work to address the public's questions and concerns.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.