Law in the Internet Society

There is Nowhere to Hide

-- By NatalieYoukel - 01 Nov 2015

Introduction

Today, wherever you go or whatever you do there is a high probability that your biometric information is being collected and stored without your knowledge or consent. Biometric technologies have seen increasing use throughout the past couple decades. Biometrics is the use of human physical characteristics as individual identifiers.link text While any individual trait can be used to take a biometric reading, there are three in particular that are most commonly used. First is appearance. Biometric data collection based on appearance is primarily collected through the use of photographs, but also can be collected through written descriptions of an individuals weight, age, height, hair color, eye color, nose shape, and scars, among others. Second, biometric data can be collected through physiography. This includes fingerprints, dental measurements, optical scans, hand geometry, and DNA testing. Third, biometrics collection may occur through bio-dynamics. Bio-dynamics includes voice fluctuations, writing style, and body signals. Individual identification through biometric data is done through the comparison of live data that is supplied and then run against a reference database.

As our lives have become increasingly digitalized, it has become harder and harder to prevent our biometric data from being collected, either by companies or the government, as people blindly and willing supply the information online, as well as through personal interactions. Have you ever wondered what happens to the photographs that you upload onto social media websites? Or what happens to the information you provide health care institutions when you visit the doctors office? Or what happens to the information stored and gathered from your use of computers and smart technology?

Companies across industries have. In fact, these companies are the ones that are storing and utilizing your biometric data without your consent.

Companies Everywhere Know Who You Are and What You Like

Social media websites such as Facebook, use facial recognition/verification software to identify and learn more about users and their taste preferences. When you are identified in a picture on Facebook, biometric software remembers your face so it can be “tagged” in other photographs through Facebook’s “Tag Suggestions” software. Furthermore, Facebook has begun testing its new DeepFace? facial recognition/verification software that has the ability to compare images even when the angle, lighting, and facial expressions of the individual are different.link text

Additionally, the health care industry is constantly collecting biometric information on individuals. This biometric data collection is predominantly done through health care records arising from doctor office visits, hospitals stays, and pharmaceutical purchases. Furthermore, biometric collection has become extremely prominent in the health care industry through mobile applications and gadgets, distributed in the form of bracelets and trackers by Fitbit, Jawbone, and Nike. These applications and gadgets track and collect user activities such as walking, sleeping, calorie intake, calories burned, and other metrics such as heart rate.

Biometric data collection is also prominent in both the automobile sector and the banking sector. As of early 2015, Ford Motor Company is using a new measurement process –eye tracking – in order to collect emotional and logical consumer insights in the hopes to learn more about how consumers visually discover new automobiles. Presently, Ford Motor Company is working to deplore eye-tracking technologies that will measure how prospective customers in a show room respond to color, materials, size, and other relevant measures. Finally, Ford was recently granted a patent for a biometric device that uses fingerprints, retinal scans, and voice recognition to gain entry to and start a vehicle.link text Similar to the automobile industry, the banking industry, including banks such as Wells Fargo and Bank of America, has begun testing voice recognition and eye scanning technologies for use on mobile applications.link text

It is Time to Invest in a Hat, Gloves and a Good Pair of Sunglasses

The problem with the collection of biometric data by companies and institutions such as Facebook, Fitbit, Ford Motor Company, Wells Fargo, and others similarly situated, is that it is nearly impossible for humans to prevent, as the traits and characteristics collected are immutable. Furthermore, once such biometric information has been collected and stored there is no method for individual deletion. As a result, the use of biometric data by companies and institutions has grave privacy implications.

First, companies such as Facebook, Fitbit, and Ford Motor Company do not notify consumers of their collection of biometric data and do not first acquire consumer consent. Facebook’s Tag Suggestions software easily captures facial biometric data on individuals who upload the photograph but also individuals who are subsequently tagged. Fingerprints can also be easily collected without an individual’s knowledge as fingerprints are left on all surfaces that an individual may touch. Furthermore, optical scans such as those being implemented by Ford Motor Company can read peoples’ eye movements from a distance of two meters.link text

Second, the use of biometric data, once collected, can be used for many purposes that individuals do not initially consent to. For example, data may be collected through health care records but then used to match those records with future biometric data samples.

Third, the collection and use of biometric information may impliedly divulge other intimate details of an individual’s life. For example, DNA samples do not only identify an individual but can also provide an accurate reading on a wide range of other health information. Moreover, the status of an individuals’ fingerprint may reveal work habits or socio-economic status.link text

Lastly, companies such as Facebook, Fitbit, Ford Motor Company, and Wells Fargo have the potential to sell or share with third parties, other companies or the government, the information collected through biometrics. This too, would happen behind the consumer’s back and too easily done in a way that the consumer does not understand or consent to.

The widespread and increasing use of biometric data collection among market industries will eventually lead to the complete demise of anonymity. As a result, it is likely that we will find ourselves in a world where it isn’t only celebrities that never leave the confines of their houses without a large hat, a pair of gloves, and a dark pair of sunglasses.

It would be good to link to sources, not list them: this is the Web.

The next draft should straighten out the confusion between facial recognition and biometrics. The face is just one of the many forms of biometric information, none of which you can change. If the subject is biometrics, discussion of facial recognition is under-inclusive. If the subject is facial recognition, limitation to private corporate surveillance is under-inclusive.

If the subject is facial recognition produced by the application of machine learning to large numbers of photos people meant to share only with friends and family, the problem is one more instance of why centralized "social networking" is bad. If you were using a $50 FreedomBox to share your photos, they would only be shared with your real friends, not the data-miners, and there would be many fewer images of your around, particularly if your friends also stopped their ridiculous unsafe sharing.....

I decided to make the paper about biometrics instead of just facial recognition. I hope that this draft successfully takes into account your suggestions. I did find it slightly difficult to adequately explain the use of biometrics across industries due to the 1,000 word limit.

You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.

Navigation

Webs Webs

r3 - 04 Dec 2015 - 19:40:24 - NatalieYoukel
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM