CSC 379:Week 4, Group 4: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
Line 23: Line 23:


==What are Biometrics?==
==What are Biometrics?==
A biometric is a measure of some physical or behavioural characteristic of an individual. These measurements can then be used to identify and individual or at least aid in confirming a claimed identity. Some examples of human characterisitcs that can be convieniently caputred in a biometric include: Fingerprints, Retinal scan, Voice, Signature, DNA, Gait. After your individual information is recorded it can be used in a biometric system.
A biometric is a measure of some physical or behavioural characteristic of an individual. These measurements can then be used to identify and individual or at least aid in confirming a claimed identity. Some examples of human characteristics that can be conveniently captured in a biometric include: Fingerprints, Retinal scan, Voice, Signature, DNA, Gait. After your individual information is recorded it can be used in a biometric system.


===The Purpose of Biometrics===
===The Purpose of Biometrics===
Line 29: Line 29:


===Flaws in Biometric Systems===
===Flaws in Biometric Systems===
These systems are not flawless though. Depending on what characteristic is being measured, there is often a significant chance of error. Each biometric has its own false accept rate and false reject rate. A false accept rate is the chance that the biometric verifies that you are who you claim to be, when you actually aren't. The higher the percent chance for a false acceptance, the easier the system is to fool. A false reject rate is the chance that a system says you are lieing about who you claim to be when you are telling the truth. The false accept rate and false reject rate of a particualar biometric should be taken into account when designing an identification or verification system.
These systems are not flawless though. Depending on what characteristic is being measured, there is often a significant chance of error. Each biometric has its own false accept rate and false reject rate. A false accept rate is the chance that the biometric verifies that you are who you claim to be, when you actually aren't. The higher the percent chance for a false acceptance, the easier the system is to fool. A false reject rate is the chance that a system says you are lying about who you claim to be when you are telling the truth. The false accept rate and false reject rate of a particular biometric should be taken into account when designing an identification or verification system.
 
 
==Ethical Issues Surrounding Biometrics==
===The Permanence of Biometric Identification===
Many forms of biometric data do not expire. While a person's face or voice may change some as they age, for the most part your physical and behavioral characteristics are going to stay the same throughout your life.
 
With current forms of identification your can, for example, change your password or get a new credit card or driver's licence or passport. For the most part with biometric identification, you can't simply change your information (short of surgery). This posses a large privacy issue. Not only will anonymity be almost impossible in a world were biometric identification is the norm, but identity theft will be every more devastating because one can't simply adopt new identifying data to defeat the theif.
 
===Biometrics as a Means of Discrimination===
If a particular biometric can not be measured on a person-- they are missing a finger, for example-- then inherently that person is going to seem more suspicious. Administrators of the system might think: "Sure maybe they have a legitimate reason for not doing the fingerprint ID, but maybe they are trying to bypass the system."
 
Biometrics systems could be used in small scale discriminatory screening processes such as stores using a biometric ID system to deny business to those found guilty of shoplifting in the past.
 
===Steps to Take to Mitigate Invasion of Privacy===
Paraphrased from the [http://www.bioprivacy.org/ IBG BioPrivacy Initiative]
 
* Biometric systems should only be expanded when absolutely necessary.
* Systems should not be expanded without public knowledge.
* Biometric information should not be used as a universal unique identifier. <br>"Universal unique identifiers facilitate the gathering and collection of personal information from various databases, and can represent a significant threat to privacy if misused."
* These systems should not store more information about an individual than is absolutely necessary to verify or identify the individual.
 
==Links and Resources==
* [http://www.anu.edu.au/people/Roger.Clarke/DV/Biometrics.html Biometrics and Privacy] by Roger Clarke
* [http://www.eff.org/Privacy/Surveillance/biometrics/ Who's watching you?] by William Abernathy and Lee Tien
* [http://www.bioprivacy.org/ IBG BioPrivacy Initiative]
* [http://www.biometricwatch.com/privacy.htm Biometric News Portal]
* [http://www.pcworld.com/article/id,81444-page,1/article.html Biometrics: Security Boon or Busting Privacy?] bySaumya Roy
* [http://en.wikipedia.org/wiki/Biometrics Good ol' Wikipedia]

Revision as of 15:33, 28 July 2007

Biometrics and Privacy of Genetic Data

A concern with ID cards that contain biometric information is that once one is stolen, it would be more difficult for someone to reclaim their identity as the nature of the representation of biometric data that would be used would be something that would not change over a person’s lifetime (e.g. fingerprints or eye-scan)[1]. Thus for technologies that rely solely on the biometric data contained within the IDs to establish identity, once a card is stolen, ones “identity” may never be able to be reclaimed.

Ethical issues related to privacy of genetic data follow closely with this topic since it suffers from similar issues as biometrics, although genetic data is much more invasive to ones privacy as society becomes more able to interpret it. There have been discussions of a constitutional amendment to prohibit genetic discrimination. If ones genetic information is made available, or information derived from, it opens the person to an increased threat of discrimination (jobs, insurance, social), as well as other threats to privacy not yet realized, but that will likely be realized within ones lifetime as there becomes a greater capability to interpret genetic data.

What types of protections should be afforded to biometric data compared to other types of data? For genetic data? Should biometric/genetic data be incorporated into various technology from ID cards to diagnostic equipment? Examine ethical issues related storage and use.

Resources

Relevant External Links:

The National Science and Technology Council some good resources related to biometrics and privacy issues.

Wikipedia's article on biometrics: http://en.wikipedia.org/wiki/Biometrics

EFF has an introduction to some concerns voiced about biometrics: http://www.eff.org/Privacy/Surveillance/biometrics/

Relevant Class Website Links:


What are Biometrics?

A biometric is a measure of some physical or behavioural characteristic of an individual. These measurements can then be used to identify and individual or at least aid in confirming a claimed identity. Some examples of human characteristics that can be conveniently captured in a biometric include: Fingerprints, Retinal scan, Voice, Signature, DNA, Gait. After your individual information is recorded it can be used in a biometric system.

The Purpose of Biometrics

Biometric systems have several purposes. They can verify that a person is who they claim to be by checking your information against the data the system has on you. A biometric system can identify you without you telling the system who you are by your physiological or behavioral characteristics. And biometric systems can also be used to screen individuals. The system may raise a flag or alert the police if it identifies you as being on its watch list.

Flaws in Biometric Systems

These systems are not flawless though. Depending on what characteristic is being measured, there is often a significant chance of error. Each biometric has its own false accept rate and false reject rate. A false accept rate is the chance that the biometric verifies that you are who you claim to be, when you actually aren't. The higher the percent chance for a false acceptance, the easier the system is to fool. A false reject rate is the chance that a system says you are lying about who you claim to be when you are telling the truth. The false accept rate and false reject rate of a particular biometric should be taken into account when designing an identification or verification system.


Ethical Issues Surrounding Biometrics

The Permanence of Biometric Identification

Many forms of biometric data do not expire. While a person's face or voice may change some as they age, for the most part your physical and behavioral characteristics are going to stay the same throughout your life.

With current forms of identification your can, for example, change your password or get a new credit card or driver's licence or passport. For the most part with biometric identification, you can't simply change your information (short of surgery). This posses a large privacy issue. Not only will anonymity be almost impossible in a world were biometric identification is the norm, but identity theft will be every more devastating because one can't simply adopt new identifying data to defeat the theif.

Biometrics as a Means of Discrimination

If a particular biometric can not be measured on a person-- they are missing a finger, for example-- then inherently that person is going to seem more suspicious. Administrators of the system might think: "Sure maybe they have a legitimate reason for not doing the fingerprint ID, but maybe they are trying to bypass the system."

Biometrics systems could be used in small scale discriminatory screening processes such as stores using a biometric ID system to deny business to those found guilty of shoplifting in the past.

Steps to Take to Mitigate Invasion of Privacy

Paraphrased from the IBG BioPrivacy Initiative

  • Biometric systems should only be expanded when absolutely necessary.
  • Systems should not be expanded without public knowledge.
  • Biometric information should not be used as a universal unique identifier.
    "Universal unique identifiers facilitate the gathering and collection of personal information from various databases, and can represent a significant threat to privacy if misused."
  • These systems should not store more information about an individual than is absolutely necessary to verify or identify the individual.

Links and Resources