[LINK] biometrics paper
stephen at melbpc.org.au
stephen at melbpc.org.au
Mon Jan 13 14:12:55 AEDT 2014
Marghanita da Cruz (and Tom) write,
> Information management capability matrix draft for comment ...
> http://naa.gov.au/records-management/development/qualifications/draft-
matrix.aspx
Hmm ..
Not one specific mention of privacy in this whole records-management draft
document. Perhaps the writers have graduated from an MIT bigdata course :)
But Jan writes,
> If anyone is after a primer on biometric recognition, check this out.
> http://www.nap.edu/catalog.php?record_id=12720
Interesting reference Jan. This book certainly examines broader issues ..
(Quote)
Cultural, Social, and Legal Considerations
Biometric systems assume and require an intimate relationship between
people and technologies that collect and record the biological and
behavioral characteristics of their bodies. It is therefore incumbent upon
those who conceive, design, and deploy biometric systems to consider the
cultural, social and legal contexts of these systems.
Not attending to these considerations and failing to consider social
impacts can bring serious unintended consequences.
Privacy as a Cultural Consideration
Biometric systems have the potential to collect and aggregate large amounts
of information about individuals. Almost no popular discussion of biometric
technologies and systems takes place without reference to privacy concerns,
surveillance potential, and concerns about large databases of personal
information being put to unknown uses. ("Mission creep")
Privacy issues arise in a cultural context and have implications for
individuals and society apart from those that arise in legal and regulatory
contexts.
The problems arising from aggregating information records about individuals
in various information systems and the potential for linking those records
through a common identifier go well beyond biometrics, and the challenges
raised have been addressed extensively.
For example, a 2007 NRC report that examined privacy in the digital age had
a host of citations to important work in this area. A thorough treatment of
authentication technologies and privacy, with references to a host of
sources, appears in the NRC report "Who Goes There? Authentication Through
the Lens of Privacy" (2003), which treats the constitutional, statutory,
and common law protections of privacy and their intersection with modern
authentication technologies, including biometrics.
Record Linkage and Compromise of Anonymity
Information of various kinds about individuals is routinely stored in a
variety of databases. Linking such information, however imperfectly, in
order to form profiles of individuals is also routinely done for purposes
ranging from commercial marketing to law enforcement. The biometric data
stored in information systems have the potential of becoming yet another
avenue through which records across systems might be linked.
This potential raises several questions: Under what circumstances is such
linkage possible? If undesirable linkages are technically feasible, what
technological and/or policy mechanisms would impede or prevent them? How
could compliance with those mechanisms be monitored by those whose data are
stored? What criteria should be used for deciding whether these mechanisms
are needed?
Depending on the anticipated uses of the personal data, policy and
technical mechanisms may have to be put in place to prevent their
unauthorized linking.
A challenge related to record linkage is the potential for erosion or
compromise of anonymity. Thus, even a biometric system that does not
internally link an individuals biometric data with other identifying
information may fail to preserve anonymity if it were to be linked using
biometric data to another system that does connect biometric data to
identity data.
This means that even a well-designed biometric system with significant
privacy and security protections may still compromise privacy when
considered in a larger context.
A related challenge is secondary use of data. That is, using data in ways
other than originally specified or anticipated. ("Mission creep")
The 2003 NRC report "Who Goes There?" examined secondary use in an
authentication context. The challenge to privacy posed by secondary use of
data in information systems generally, and particularly in data-intensive
systems even without biometrics, is widely known.
Although it may seem that these concerns are specific to individuals,
privacy considerations can have broad social effects beyond the individual.
Privacy breaches, however well-contained, can erode trust not only in the
technological systems but also in the institutions that require their use.
The potential for abuse of personal information can be sufficient to make
segments of society reluctant to engage with particular technologies,
systems, and institutions. Biometric systems carry their own particular
privacy challenges in addition to many of those that have been identified
for other information systems ..
--
Message sent using MelbPC WebMail Server
More information about the Link
mailing list