Search


  • Categories


  • Archives

    « Home

    Archive for the ‘Biometrics’ Category

    Significant Problems in White House’s Draft Privacy Legislation

    Monday, March 2nd, 2015

    The Obama White House recently released its draft Consumer Privacy Bill of Rights Act (pdf) and a fact sheet. Parts of the draft legislation date to a 2012 white paper (pdf) that laid out a plan to better protect consumer privacy. And last year, the big data group that the White House convened also issued recommendations on privacy (pdf).

    The White House has taken important steps in highlighting that individuals need strong privacy protections for their data and in creating the draft legislation. And it is important that the draft legislation attempts to implement the Fair Information Practices: collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, and accountability. For example, the draft legislation gives several options for responding to companies that would violate the bill’s provisions, including allowing individuals and states attorneys general to file lawsuits.

    But there are several significant problems with the proposal that need to be addressed before it can move forward. (The draft does not yet have a legislative sponsor, which it would need in order to be introduced and debated in Congress.)

    One problem with the legislation: It would preempt state laws.

    SEC. 401. Preemption.
    (a) In General.—This Act preempts any provision of a statute, regulation, or rule of a State or local government, with respect to those entities covered pursuant to this Act, to the extent that the provision imposes requirements on covered entities with respect to personal data processing.

    Read more »

    Continuing Debate on Privacy and Use of Newborns’ Blood Samples

    Monday, December 1st, 2014

    There has been considerable debate about the ethical, privacy, and civil liberty issues surrounding the unauthorized or unknowing retention and use of babies’ blood samples for purposes other than disease-screening in the United States and abroad. Often, parents are not told of the possible lengthy data retention period, possible distribution to other agencies, and possible other purposes for which their children’s blood samples could be used. Now, WNCN in North Carolina looks at the situation, and what it finds shows there are also questions about de-identification or “anonymization” of newborns’ medical data.

    Asked what the government plans to do with the data, Scott Zimmerman, director of the N.C. State Public Health Lab, said, “So if an outside agency such as an academic institution approaches us and asks for dried blood spots, there are two approaches that can be taken. One, we can get parental consent to release that dried blood sample to an outside entity. We will not release any DBS that contains patient information without parental consent.”

    Zimmerman added, “The only other way DBS are released is if they are de-identified.”

    Researchers have shown that, often, data that has been de-identified can be re-identified (or “de-anonymized”), and sensitive data could be linked back to an individual. Therefore, there is a significant privacy concern for individuals’ whose information is shared, without their consent, in this manner.  Read more »

    Virginian-Pilot: Police can require cellphone fingerprint, not pass code

    Monday, November 3rd, 2014

    The Virginian-Pilot reports on a court case in Virginia concerning the privacy of mobile devices, specifically ones that are biometrically locked with a fingerprint, such as some of Apple’s iPhones and iPads. (Note that Lifehacker has a suggested-solution for the problem of a forced unlocking of a fingerprint ID device.) The Virginian-Pilot reports:

    VIRGINIA BEACH — A Circuit Court judge has ruled that a criminal defendant can be compelled to give up his fingerprint, but not his pass code, to allow police to open and search his cellphone.

    The question of whether a phone’s pass code is constitutionally protected surfaced in the case of David Baust, an Emergency Medical Services captain charged in February with trying to strangle his girlfriend. [...]

    Judge Steven C. Frucci ruled this week that giving police a fingerprint is akin to providing a DNA or handwriting sample or an actual key, which the law permits. A pass code, though, requires the defendant to divulge knowledge, which the law protects against, according to Frucci’s written opinion.

    Eurasia Review: Interpol Facial Recognition Experts Meeting Develops Global Guidelines

    Monday, October 27th, 2014

    Eurasia Review reports that facial-recognition technology experts are developing global guidelines for the use of the biometric technology, which could have wide-ranging impact on individuals’ privacy:

    The first meeting of the INTERPOL Facial Expert Working Group brought together global experts in biometrics to begin the process of developing international facial recognition standards.

    The two-day meeting (14 and 15 October) gathered 24 technical and biometrics experts and examiners from 16 countries who produced a ‘best practice guide’ for the quality, format and transmission of images to be used in facial recognition. [...]

    INTERPOL is currently developing a facial image database with the support of Safran Morpho, a leader in biometrics in the private sector. The database is expected to become operational in early 2015, and will enhance INTERPOL’s forensic capabilities as many crimes do not have hard evidence such as DNA or fingerprints to help identify suspects.

     

    Washington Post: The biometrics revolution is already here

    Friday, October 24th, 2014

    The Washington Post rounds up news on the increasing use of biometrics in everyday life and its implications for individual privacy:

    The future is here, and it’s biometric identification: You will soon be able to unlock the most recent iPad model with your fingerprint; banks are reportedly capturing voice imprints to catch telephone fraud; and the FBI’s facial recognition database is at “full operational capacity” (although it still pales in comparison to Facebook’s database).

    But while these technologies are already influencing consumers’ lives, it’s not clear that everyone understands the long-term implications of widespread biometric use, experts say. [...]

    Biometric markers area also immutable, unlike other forms of digital verification techniques. “You can change your password, but you can’t change your face or your fingerprints without going through an awful lot of trouble,” Bedoya explains. Read more »

    Associated Press: Banks harvest callers’ voiceprints to fight fraud

    Thursday, October 16th, 2014

    The Associated Press reports that when some banks’ customers call in to customer service, their voiceprints are being gathered so the banks can identify them. This practice of gathering biometric information, sometimes without giving notice to or obtaining consent from customers, raises substantial privacy questions:

    An Associated Press investigation has found that two of America’s biggest retail banks — JPMorgan Chase & Co., and Wells Fargo & Co. — are quietly recording the biometric details of some callers’ voices to weed out fraud. The technology, sometimes called voiceprinting, is aimed at bad guys rather than legitimate customers, but legal and privacy experts alike still have reservations about the practice. [...]

    As it stands, seven major American financial institutions are already using blacklists or have run pilots, said Shirley Inscoe, an analyst with the Aite Group, a research and advisory firm. Read more »