National Academies Press: OpenBook

Biometric Recognition: Challenges and Opportunities (2010)

Chapter: 4 Cultural, Social, and Legal Considerations

« Previous: 3 Lessons from Other Large-Scale Systems
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

4
Cultural, Social, and Legal Considerations

Biometric systems assume and require an intimate relationship between people and technologies that collect and record the biological and behavioral characteristics of their bodies. It is therefore incumbent upon those who conceive, design, and deploy biometric systems to consider the cultural, social and legal contexts of these systems. Not attending to these considerations and failing to consider social impacts diminishes their efficacy and can bring serious unintended consequences.

The key social issue surrounding biometrics is the seemingly irrevocable link between biometric traits and a persistent information record about a person. Unlike most other forms of recognition, biometric techniques are firmly tied to our physical bodies. The tight link between personal records and biometrics can have both positive and negative consequences for individuals and for society at large. Convenience, improved security, and fraud reduction are some of the benefits often associated with the use of biometrics. Those benefits may flow to particular individuals, corporations, and societies but are sometimes realized only at the expense of others. Who benefits at whose expense and the relative balance between benefits and costs can influence the success of biometric deployments.

The efficacy of a biometric system can be affected by the cultural, social, and legal considerations that shape the way in which people engage and interact with these systems. People’s deliberate choices about whether and how to engage and their inadvertent actions both affect system performance. For example, some people may choose not to place their fingers on a fingerprint scanner for fear of contracting a disease or may be unable

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

to do so because long fingernails are highly valued by their social group. Similarly, some people may avoid having their photographs taken for a face recognition system because of concerns over how the images will be used; others will avoid this owing to concerns about the absence of customary adornments to the face (for example, scarves). In both cases system performance may be compromised.

The proportionality of a biometric system—that is, its suitability, necessity, and appropriateness—in a given context will have a significant effect on the acceptability of that system.1 The societal impact of such systems will vary significantly depending on their type and purpose. For example, the use of iris scanning to control access to a local gym and of finger imaging to recognize suspected terrorists at international borders are likely to differ, both for the individuals being scanned and the broader community. The potential impacts on particular social groups and thus their receptions by these groups may also vary dramatically due to differences in how the group interprets the cultural beliefs, values, and specific behaviors. Imposing facial recognition requirements to enter a store or workplace may limit the shopping and work options available to individuals who consider photographs of faces inappropriate, creating barriers to social activities.

This chapter explores such considerations in four areas: biometric systems and individual participation, potential impacts on society of biometric systems, legal considerations with respect to biometrics, and data collection and use policies.

INTERACTION BETWEEN BIOMETRIC SYSTEMS AND INDIVIDUALS

System performance may be degraded if social factors are not adequately taken into consideration. These factors are of two types, those that motivate and those that facilitate participant engagement with the system.

Motivating Participation by Individuals

As a rule, peoples’ willingness to participate in a system and their commitment to it depend on their understanding of its benefits. For example, a biometric system that allows convenient access to a worksite might be perceived as beneficial to individuals by relieving them of the necessity

1

European Commission, Article 29. The Data Protection Working Party observes that proportionality has been a significant criterion in decisions taken by European Data Protection Authorities on the processing of biometric data. Available at http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2003/wp80_en.pdf.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

to carry an ID card. On the other hand, a biometric system that tracks daytime movement of employees might be perceived as primarily beneficial to the employer and as undermining the employee’s personal freedom. In some instances, ancillary inducement, such as monetary reward, may be required to obtain a desired level of participation.

Participation may also be motivated by the possibility of negative consequences for nonparticipation—for instance restrictions on access to locations or services (perhaps entry to the United States), requirements to use a much more lengthy process for a routine activity (for example, to open a bank account), and even the threat of legal action (for example, the requirement to enroll in a biometric system in order to maintain legal alien status). Nonparticipation may also subject individuals to social pressure and/or prevent them from joining some collective activities.

Willingness to participate also may be influenced by concern that system uses will change over time (often referred to as “mission creep”), perhaps becoming less benign. For example, a system initially deployed to allow employees easy access to a worksite might also be used later to track attendance, hours worked, or even movement at the worksite. Such concerns argue for clear documentation of both how the system will be used and protections to ensure that it will not be used for other, unacknowledged purposes.

More broadly, the social and cultural factors that influence willingness to participate in biometric systems run the gamut from trust in government and employers, to views about privacy and physical contact, to social involvement vs. isolation. Because the use of biometric systems depends on physical connections with individuals and because they are used for national security, law enforcement, social services, and so on, a host of societal issues should be addressed before they are deployed.

Facilitating Individual Participation

The adoption of biometric systems depends on the ease with which people can use them. In systems design it is critical to consider training in use of the system, ease of use (for example, are multiple steps, awkward actions, or complicated procedures required?), and management of errors (for example, how does the system recover from a mistake?). Designing usable systems also requires that the designers have some knowledge of the human users and operators, the context in which they will use the system, and their motivations and expectations.2 Users of biometric sys-

2

For more on usability and biometric systems, see “Usability and Biometrics: Ensuring Successful Biometric Systems.” Available at http://zing.ncsl.nist.gov/biousa/docs/Usability_and_Biometrics_final2.pdf.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

tems might include travelers, people whose first language is not English, employees of a particular company, shoppers, and so on. Contexts of use might include empty office buildings vs. busy airports, indoor vs. open air, lone individuals vs. groups, daily vs. semiannual, and so on. Motivations of operators might range from speeding up the check-in process to protecting personal information to preventing terrorism.

Discussions of usability tend to focus on narrow technical considerations such as the adequacy of the instructions for where and how to place the hand or finger to successfully engage with a biometric system (some of this was discussed briefly in the section “Operational Context” in Chapter 2). But broader considerations also affect usability. For example, providing a table where users can place their bags, purses, and other paraphernalia before interacting with the system may improve usability. Interfaces should take into account physical differences among people (height, girth, agility). If an interface is difficult for a particular person (tall or short, say) to use, then users are implicitly sorted into categories and may be treated differently for reasons unrelated to system goals.

Dealing with user diversity also leads to the challenge of providing user assistance. The presence of knowledgeable people providing help has been shown time and again to ease the pain of learning to use new systems and of managing errors. For a biometric system, it is important to have ways to mediate a variety of potential problems, ranging from individuals uncertain how to use the system to individuals who cannot present the trait needed (for example, if their fingerprints are hard to image). Earlier chapters considered failures to enroll and failures to acquire from technical and statistical perspectives, but how such failures are handled from the perspective of the user (who has “failed” in some sense) also has an impact on system effectiveness. If they are not handled carefully, some users may be less ready to participate, or even disenfranchised altogether; see below for the broader societal implications of disenfranchisement.

Expected frequency of use by a given individual is an important consideration in system design, since familiarity comes with repeated use. Typically, systems designed for infrequent use should be easy to learn, with readily interpreted instructions and help at hand, as usage procedures may not be remembered. On the other hand, people can learn to use even the most difficult systems if they have a chance to practice and learning is reinforced by frequent use and feedback. Thus, a system to be used by vacationers once or twice a year will have different requirements than one used daily by employees. While systems used frequently should avoid time-consuming operations to accomplish routine tasks such as entering a work area or logging on to the computer, they need not minimize initial training.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

SOCIETAL IMPACT

The increasing use of biometric systems has broad social ramifications and one overarching consideration is proportionality. While the technical and engineering aspects of a system that contribute to its effectiveness are important, it is also useful to examine whether a proposed solution is proportional and appropriate to the problem it is aimed at solving.3 Biometric systems’ close connection to an individual, as described in the preceding section, means that even extremely effective technical solutions may turn out to be inappropriate due to perceived or actual side effects and means that proportionality—both how the system will be perceived in its user communities as well as possible side effects, even if the system is accurate and robust—must be considered when first examining the solution space. The rest of this section explores some of those potential side effects, including potential disenfranchisement of nonparticipants, privacy issues, and impact of varying cultural perspectives on individuality and identity.

Universality and Potential Disenfranchisement

Where biometric systems are used extensively, some members of the community may be deprived of their rights. Some individuals may not be able to enroll in a system or be recognized by it as a consequence of physical constraints, and still others may have characteristics that are not distinctive enough for the system to recognize. There will also be those who decline to participate on the basis of religious values, cultural norms, or even an aversion to the process. Religious beliefs about the body and sectarian jurisdiction over personal characteristics (for example, beards, headscarves) or interpersonal contact (for example, taking photographs, touching, exposing parts of the body) may make a biometric system an unacceptable intrusion. Mandatory or strongly encouraged use of such a system may undermine religious authority and create de facto discrimination against certain groups whose members are not allowed to travel freely, take certain jobs, or obtain certain services without violating their religious beliefs. Another category of people who may choose not to participate are those concerned about misuse or compromise of the system or its data—and its implications for privacy and personal liberty. Although a decision to participate or not may be an individual one, biometric sys-

3

An example that received some media attention was a proposal to use fingerprint scanners to speed up a school lunch line. For reasons described elsewhere in this chapter, many in that community felt that such a use of the technology was disproportionate to the problem, regardless of its effectiveness.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

tems can inadvertently affect groups whose shared characteristics make them less inclined to use the systems, assuming that participation is voluntary. Where use is mandatory—for example, in some military applications such as the U.S. Army’s Biometric Automated Toolkit (BAT) system described in Appendix D—even more consideration of these issues may be needed.

Thus, while disenfranchisement in such cases may seem to affect only individuals, broad use of systems that are known to have these consequences can adversely affect the broader community if no appropriate relief is put in place. The community, including those not affected directly, may come to distrust the systems or the motivations of those deploying them. A system deployed in a community in which certain members are consistently unable to participate in the de facto methods of recognition without significant inconvenience may acquire an unwelcoming reputation no matter how benign the purposes for which it is deployed. Similar kinds of potential ostracism have been seen when formerly pedestrian-friendly or bus-friendly communities are transformed to focus on automobiles; those without driver’s licenses or their own automobiles can become effectively disenfranchised in particular geographic locations.4 Other technologies, such as the telephone and the Internet in the communications arena, have had similar effects.

Privacy as a Cultural Consideration

Biometric systems have the potential to collect and aggregate large amounts of information about individuals. Almost no popular discussion of biometric technologies and systems takes place without reference to privacy concerns, surveillance potential, and concerns about large databases of personal information being put to unknown uses. Privacy issues arise in a cultural context and have implications for individuals and society even apart from those that arise in legal and regulatory contexts. The problems arising from aggregating information records about individuals in various information systems and the potential for linking those records through a common identifier go well beyond biometrics, and the challenges raised have been addressed extensively elsewhere.

For example, a 2007 NRC report5 that examined privacy in the digital age had a host of citations to other important work in this area. A thorough

4

Langdon Winner, Do artifacts have politics? Daedalus 109(1) (1980), and How technology reweaves the fabric of society, The Chronicle of Higher Education 39(48) (1993). Donald A. MacKenzie and Judy Wajcman, eds., The Social Shaping of Technology, London: Open University Press (1985; 2nd ed., 1999).

5

See NRC, Engaging Privacy and Technology in a Digital Age, Washington, D.C.: The National Academies Press (2007).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

treatment of authentication technologies and privacy, with references to a host of sources, appears in the NRC report Who Goes There? Authentication Through the Lens of Privacy (2003), which treats the constitutional, statutory, and common law protections of privacy and their intersection with modern authentication technologies, including biometrics. A 2002 NRC report from the same project explored large-scale identity systems and potential technical and social challenges.6 Almost all of the issues raised in these three NRC reports on technology and identity systems, with or without biometric components, also apply to biometric systems.7 In addition, a recent symposium on privacy and the technologies of identity includes a series of scholarly papers on the subject. These papers refer to a wide range of sources.8 This chapter does not seek to recapitulate this extensive literature, and instead briefly examines some ways biometric systems can contribute to the privacy challenges inherent in systems storing information about individuals.

Record Linkage and Compromise of Anonymity

Information of various kinds about individuals is routinely stored in a variety of databases. Linking such information—however imperfectly—in order to form profiles of individuals is also routinely done for purposes ranging from commercial marketing to law enforcement. The biometric data stored in information systems have the potential of becoming yet another avenue through which records within a system or across systems might be linked. This potential raises several questions: Under what circumstances is such linkage possible? If undesirable linkages are technically feasible, what technological and/or policy mechanisms would impede or prevent them? How could compliance with those mechanisms be monitored by those whose data are stored? What criteria should be used for deciding whether these mechanisms are needed? Depending on the anticipated uses of the personal data, policy and technical mechanisms may have to be put in place to prevent their unauthorized linking.

A challenge related to record linkage is the potential for erosion or compromise of anonymity. As discussed previously, in contrast to the wide choice of passwords available to an individual, there are a fairly limited number of biometric identifiers that a person can present, even when all possible combinations (for example, multiple fingers, face recognition

6

See NRC, IDs—Not That Easy: Questions About Nationwide Identity Systems, Washington, D.C.: The National Academies Press (2002).

7

See NRC, Who Goes There? Authentication Through the Lens of Privacy, Washington D.C.: The National Academies Press (2003).

8

See Katherine Strandburg and Daniela Stan Raicu, eds., Privacy and Technologies of Identity: A Cross-Disciplinary Conversation, pp. 115-188 (2006).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

coupled with hand geometry) are considered. Thus, even a biometric system that does not internally link an individual’s biometric data with other identifying information may fail to preserve anonymity if it were to be linked using biometric data to another system that does connect biometric data to identity data. This means that even a well-designed biometric system with significant privacy and security protections may still compromise privacy when considered in a larger context. A related challenge is secondary use of data—that is, using data in ways other than originally specified or anticipated. The 2003 NRC report Who Goes There? examined secondary use in an authentication context. The challenge to privacy posed by secondary use of data in information systems generally, and particularly in data-intensive systems even without biometrics, is widely known.

Although it may seem that these concerns are specific to individuals, privacy considerations can have broad social effects beyond the individual,9 as the discussion above on universality makes clear. Privacy breaches, however well-contained, can erode trust not only in the technological systems but also in the institutions that require their use. The potential for abuse of personal information can be sufficient to make certain segments of society reluctant to engage with particular technologies, systems, and institutions. Biometric systems carry their own particular challenges with respect to privacy in addition to many of those that have been identified for other information systems.

Covert Surveillance

Some recognition systems may function at a distance, making it possible to associate actions or data with a person without that person’s explicit participation. Such tracking and collection of data has privacy implications not only for the person involved but for society as a whole. If these capabilities were to be broadly deployed, with their existence becoming broadly known and concern about their use becoming common, there would be potential distrust of the institutions that had deployed the technology. Even if knowledge of a capability is not widespread, the power that flows to those who control it may have unanticipated effects.

To date, widespread use of covert identification appears to be confined to movie plots. Contrary to popular belief, for example, the surveillance cameras used to investigate the 2005 London bombings did not perform biometric recognition as described in this report, because the cameras produced video searched by humans, not by machine. Nonetheless, several programs now pursuing recognition at a distance presage

9

See, for instance, Priscilla Regan, Legislating Privacy: Technology, Social Values, and Public Policy, University of North Carolina Press Enduring Editions (2009).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

such applications. While concerns about choice to participate are often dismissed by the biometrics industry, they must be addressed to take into account the target community’s cultural values in order to gain acceptance and become broadly effective, especially as such systems become more pervasive or if covert biometric surveillance systems mature and become widely deployed.

Individuality and Identity

Because a biometric system recognizes the body, its applications may assume and embed particular Western notions of individuality and personal identity—namely, that the individual acts in self-interest and has autonomy over his or her actions. However in some non-Western contexts there are different views on the primacy of the individual, and more collectivist views of identity prevail. In these contexts agency and authority are not presumed to reside with individuals and autonomous action is not assumed. An individual’s identity, in such cases, cannot easily be separated from that of the larger group of which the individual is a member. This undermines the assumptions of systems (biometric and otherwise) whose design expects that the actor is the individual (for example, accessing a bank account, doing a job, or making political decisions).10

Biometric systems are used to recognize individuals, but depending on the application and the cultural context, the broader system integrating biometric technologies may also need to recognize the position of individuals within the family, workplace, or community.11 That is, an understanding of the relational dimensions of individual action whereby a person or group acts on behalf of another may be required. For example, within a workplace context an assistant may be required to take action on behalf another to check in for a flight or post personnel evaluations or in a community context a neighbor may be enlisted to pick up prescription medication for someone unable to do so.12

10

There are microexamples of this sort of thing even within Western cultures. For example, administrative assistants are often given authority to make decisions and even sign documents for their bosses when their bosses are not present. Parents may act on behalf of their children, and spouses often are able to speak for each other.

11

Note that a well-designed biometric system will integrate an appropriate notion of individual. The Walt Disney World entrance gate application of biometrics described in Appendix D creates an affinity group for the people entering the park using a set of tickets purchased at the same time. This association of the tickets to the group avoids unnecessary complication at the admission gate and reflects the common social context for ticket use without unduly weakening the value of biometric recognition.

12

These examples are more properly accommodated by features in the broader system in which the biometrics components are integrated. The authorization system may allow delegation rather than recognize multiple individuals as the same entity.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

Another way the identity of an individual can be conflated with that of a larger group is when biometric data are used for research. While this report urges extensive empirical research (of necessity on large groups of individuals) to achieve a stronger empirical foundation for biometric systems, such research is not without complications. When a group (such as an ethnic or racial group) is studied, whether for a medical, say, or a biometric purpose, the associated findings about that group can raise issues. Perhaps the individuals who were studied had not consented to the use of their individual data for research and the drawing of generalizations about their group, or perhaps consent was obtained but the results of the research are not welcomed by the individuals who participated. Another complication may arise when the results of a group study are made public and have an effect on individuals who are part of that group, whether or not they participated in the study. Even though individual enrollees in the database have given their consent, does the group qua group have the power to withhold consent for conduct of the research itself or publication of the findings? These issues apply beyond biometrics research, but biometric recognition’s close association to individual bodies and notions of identity will inevitably heighten participants’ sensitivity to the issues and necessitate that they be addressed with special care.

In addition to the identity issues raised by cultural considerations and role-based agency and the challenges of research on socially identifiable groups, biometric technologies explore the boundary between public and private information about an individual’s body. The ability of these systems to categorize, monitor, and scrutinize persons through behavioral or biological characteristics raises the issue of the integrity of the person. The gathering of biometric data of all kinds (for example, fingerprint images, iris scans, brain scans, DNA, face imaging) that is associated with and defines the individual raises issues of the “informatized” body—a body that is represented not by human-observable anatomical and physical features but by the digital information about the body housed in databases. This has implications for how we ultimately perceive and conceive of the individual.13

13

For more on this notion, see Irma van der Ploeg, 2007, “Genetics, biometrics and the informatization of the body,” Ann. Ist. Super. Sanità 43(1): 44-50, and Emilio Mordini and Sonia Massar “Body biometrics and identity,” Bioethics 22(9): 488-498 (2008). The former notes:

The digital rendering of bodies allows forms of processing, of scrolling through, of datamining peoples’ informational body in a way that resembles a bodily search. Beyond mere data privacy issues, integrity of the person, of the body itself is at stake here. Legal and ethical measures and protections should therefore perhaps be modelled analogous to bodily searches, and physical integrity issues. This issue is of particular relevance with regard to a curious aspect of this new body, namely that it has become (re-)searchable at a distance. The digitized body can be trans

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

Biometric data contribute to new ways of knowing and defining persons as digitized information. This information is gathered during both routine and exceptional activities such as medical examinations, performance testing in sports, and users’ interactions with biometric systems deployed in the various applications described elsewhere in this report. For some purposes, the observable physical body becomes less definitive and exclusive with respect to connoting who we are and is increasingly augmented (or even supplanted) by digital information about us. This information may ultimately figure into such decisions as who we date, mate, and hire and—conversely—who dates, mates, and hires us. The ability to recognize people by how they look or walk or talk is a human skill critical to social order and human survival. Some individuals are able to quickly recognize people they have not seen for years. Biometric systems that are able to perform these historically human acts of recognition at high rates of speed and on a massive scale may alter underlying assumptions about the uniqueness of these human capabilities and may blur previously clear boundaries between the human skills and social processes that control access to social spaces and bestow rights and duties, and the technological capabilities of biometric systems that recognize faces, gaits, and voices.

LEGAL ISSUES

Comprehensive discussion of legal issues associated with biometrics is well beyond the scope of this report. However, as with any scientific or technical issue, the assumptions made by engineers are very different from those made in the legal system. Understanding the broader context, including the legal context, within which biometric systems will operate, is important to achieving effectiveness. The use of biometrics brings with it important legal issues, especially the following: remediation, reliability, and, of course, privacy. Legal precedent on the use of biometrics technology is growing, with key cases stretching back decades,14 and some recent

ported to places far removed, both in time and space, from the person belonging to the body concerned. Databases can be remotely accessed through network connections; they are built to save information and allow retrieval over extended periods of time. A bodily search or examination used to require the presence of the person involved—a premise so self-evident that to question it would be quite ridiculous. Moreover, this requirement rendered the idea of consenting to any bodily search at least a practicable possibility. Today, however, these matters are not so obvious any more.

14

Cases include U.S. v. Dionisio (U.S. Supreme Court, 1973) and Perkey v. Department of Motor Vehicles (California Supreme Court, 1986).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

cases15 have raised serious questions as to the admissibility of biometric evidence in courts of law.

Remediation refers to the legal steps taken to deal with the fraudulent use of biometrics, such as identity fraud by altering or concealing biometric traits, altering biometric references, or using fake biometric samples to impersonate an individual. It also handles circumstances where individuals are incorrectly denied their due rights or access due to a false nonmatch. While earlier chapters examined the design and engineering implications of systems that should be able to (1) cope reasonably with such fraudulent attempts and implement security measures against them, and (2) gracefully handle individuals who are erroneously not matched through some secondary procedure, no system can be completely fraud- or error-proof. Thus, it will be important for policy and law to both address the perpetrator of identity fraud and induce system owners to create an environment that minimizes the opportunity for misuse of biometric samples—for example, by appropriately monitoring biometric sample presentation at points of enrollment and participation. It will also be important for policies to encourage appropriate and graceful management of false nonmatches. Reliability and privacy, and their potential intersections with biometric systems, are discussed below.

Reliability

Reliability has a social, as well as a technical, dimension. In the long run, biometric applications that make well-publicized or frequent errors will lose public support, even though some aspects of popular culture (such as police procedural television shows) have promoted the idea that forensic information, and in particular biometric data, is nearly infallible. Thus reliability, like privacy, is vital to the future of biometrics. Jurors relying on fingerprint evidence need assurance that they are convicting the right person. A security agency relying on voice analysis must feel confident that the person detained is a terrorist and not an innocent bystander. Context is crucial. Information may be reliable enough to begin an investigation, yet insufficiently trustworthy to send a person to prison. There is no guarantee that addressing reliability challenges alone would result in biometric systems becoming broadly accepted or even useful. In any particular setting, biometrics may or may not ensure the confidence needed for the system to be useful.

The reliability of biometric recognition has received considerable attention for many years. Numerous scholarly articles discuss whether particular forms of biometric evidence, such as DNA or fingerprints, are

15

Such as Maryland v. Rose (Maryland Circuit Court, 2007).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

admissible in court and whether they should be.16 A recent NRC report took a broad look at forensics, not just biometric evidence, and concluded that “a body of research is required to establish the limits and measures of performance and to address the impact of sources of variability and potential bias.”17 After the misidentification and arrest of Brandon Mayfield in connection with the Madrid train bombings of 2004,18 courts appear to be taking a cautious approach to biometric recognition, even though the error was ultimately attributed to human experts and the Department of Justice report does not fault the automated matching portion of the system. The reverse perception may set excessively high standards; that is, if the assumption is that all evidence must be up to the standards implied by certain popular culture phenomena, then cases in which resources were not available to meet those standards may face challenges. While conclusive studies on the effects of television crime drama on jurors have not been published19 concerns over potential effects continue to surface in legal appeals.20

Without repeating the extensive studies mentioned above, it is helpful to consider how our society handles reliability concerns. A brief discussion of the admissibility of biometric evidence in court will be useful. As biometric systems are deployed more broadly and in more contexts, a public understanding of the extent to which the data they gather and results they produce can be relied upon will be critical. The discussion below explores some of the limitations and constraints that such data and results might face in a legal context. While biometric reliability is relevant

16

See, for example, Julian Adams, Nuclear and mitochondrial DNA in the courtroom, Journal of Law and Policy 13:69 (2005); Sandy L. Zabell, Fingerprint evidence, Journal of Law and Policy 13:143 (2005). There have been substantive conferences dealing with these matters, such as the National Science Foundation Workshop on the Biometric Research Agenda (2003). The use of biometric evidence in court is a subset of the field of forensics; it concerns “the application of the natural and physical sciences to the resolution of conflicts within a legal context.” See David L. Faigman et al., Science in the Law: Forensic Science Issues, West Group Publishing, p. 4 (2002). Also, forensic science “encompasses a broad range of disciplines, each with its own distinct practices.” See National Research Council, Strengthening Forensic Science in the United States: A Path Forward, Washington, D.C.: The National Academies Press (2009), p. 38.

17

National Research Council, Strengthening Forensic Science in the United States: A Path Forward, Washington, D.C.: The National Academies Press (2009). Also available at http://www.nap.edu/catalog.php?record_id=12589.

18

Available at http://www.usdoj.gov/oig/special/s0601/PDF_list.htm; http://www.usdoj.gov/oig/special/s0601/exec.pdf.

19

Tom R. Tyler, Is the CSI effect good science?, Yale Law Journal (The Pocket Part) (February 2006). Available at http://www.thepocketpart.org/2006/02/tyler.html.

20

John Ellement, SJC chief decries influence of “CSI,” The Boston Globe, December 11, 2009. Available at http://www.boston.com/news/local/massachusetts/articles/2009/12/11/mass_judge_says_theres_no_place_for_csi_in_real_courts/.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

in numerous other settings, from border security to consumer transactions, the jury trial provides a highly visible insight into public views of reliability, and these views may well bear on other contexts.

The first point is that the strong consistency and accuracy sought by laboratory researchers and system developers is not always a goal of our legal system. While the Constitution provides broad norms binding the government, our system of federalism, in which substantial power is retained by the states, encourages diversity, even on fundamental issues. Even within a state, important decisions are made by local governments, individual judges, and juries. Given the changing nature of expert opinion, this sort of flexibility may not only be expected, it may also at times be welcomed.

Let us suppose that an individual in a given jurisdiction is charged with a crime, and the prosecutor seeks to introduce biometric evidence that is relevant to the guilt of that individual. Note that this biometric evidence may or may not be forensic evidence (for example, latent fingerprints). It might be a time-stamped log generated by a workplace entry biometric system. Or it might be information taken from the individual’s PDA that has a fingerprint access mode. Typically, this evidence would be presented by an expert, someone who, unlike an ordinary witness, is allowed to give her opinion as to what the evidence shows. The prosecutor might, for example, want to use an expert on voice analysis who has studied an incriminating phone conversation with a novel biometric technique and wants to offer her opinion that the voice on the phone is most likely that of the defendant.

In our legal system the judge performs a gatekeeper function: He or she decides whether the expert testimony is sufficiently reliable to be presented to the jury. If the judge rules that it is, the expert witness testifies before the jury and is subject to cross-examination, as well as to rebuttal testimony by opposing experts. The jury is free to believe or disbelieve any or all of the experts. If the judge rules that the expert testimony is not sufficiently reliable, she cannot take the stand, and the prosecution’s case might collapse.21

Frye and Daubert Standards

There are legal standards a judge uses in gatekeeping expert testimony. In many states, the judge uses the Frye standard, which asks

21

This gatekeeper role for the judge represents a compromise. In theory, a jury might be allowed to hear anyone, and we would rely on cross-examination and opposing witnesses to assure accuracy. But our system is a bit more constrained than that. Some juries might believe the testimony of an astrologer, but no judge would admit it. On the other hand, our system does leave considerable power in the hands of the jury, since a judge’s decision to admit expert testimony in no way guarantees that the jury will believe that testimony.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

whether the expert opinion is based on a scientific technique that is generally accepted by the relevant scientific community.22 In other states, and in the federal system, the judge uses the more recent Daubert approach, which requires that he balance a variety of factors, including whether a scientific approach has been tested and subjected to peer review and publication; its error rate; and its general acceptance as defined in Frye.23 Later federal cases have applied the Daubert approach to all expert opinion, not just to scientific evidence,24 and have held that appellate courts should reverse trial courts under Daubert only when they have abused their discretion.25,26

Numerous studies have compared Frye and Daubert and have reached varying conclusions as to which is the higher hurdle in various settings, although most would agree that the change from Frye to Daubert did not work a sea change in admissibility decisions.27 The use of lay juries and judges who are not scientists means decisions on the admissibility of evidence will reflect social values more than technical expertise. For example, despite considerable controversy over its reliability, eyewitness testimony is routinely allowed in court; indeed, it is not always possible to introduce expert opinion to cast doubt on that testimony.28 A person may not have very good vision or a good memory, but may be allowed to testify before a jury about what he or she saw.

Why do we insist on a gatekeeper for technical experts but not for eyewitnesses? There is apparently a belief that a jury that has a commonsense understanding of the abilities of an eyewitness may defer too much to a highly credentialed expert. If that expert is articulate and persuasive, the usual checks of cross-examination and rival expertise may not be adequate. So the judge acts as a gatekeeper, using Frye or Daubert to keep from the jury theories that lack adequate signs of objective reliability.

Of course, when an expert witness testifies and a rival expert is called to rebut, the ensuing battle of the experts may not be helpful for the jury or for society. In a survey conducted by the Federal Judicial Center, judges frequently complained about experts who “abandon objectivity

22

Frye v. United States, 54 App. D.C. 46, 47, 293 F. 1013, 1014 (1923).

23

Daubert v. Merrell Dow Pharmaceuticals, Inc., 509 U.S. 579 (1993).

24

Kumho Tire Company, Ltd. v. Carmichael, 526 U.S. 137 (1999).

25

General Electric v. Joiner, 522 U.S. 136 (1997).

26

For an analysis of which states use Frye, which use the full-blown federal approach of Daubert, Kumho, and Joiner, and which use Daubert alone, see David Bernstein and Jeffrey Jackson, The Daubert trilogy in the states, Jurimetrics Journal 44(351).

27

David A. Sklansky, Evidence: Cases, Commentary, and Problems (2003), Aspen Publishers, pp. 468-470 (cites numerous studies).

28

See, for example, United States v. Smithers, 212 F. 3rd 306 (6th Circuit 2000).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

and become advocates for the side that hired them.”29 One possible solution, which has been promoted in the federal system by United States Supreme Court Justice Stephen Breyer, is to have the judge call an expert drawn from a list provided by leading scientific organizations.30

The upshot of this for biometric systems and technologies is that the admissibility of biometric evidence will not be consistent throughout the country. States may differ on what is reliable, and even judges in a given state may sometimes differ. On the other hand, over time, a consensus will emerge in some areas. Polygraph evidence, for example, is generally denied admission in court31 while DNA evidence is generally admitted.32

Finally, the legal system will likely never render a verdict on biometric evidence as a whole. As one would expect, and hope, each type of evidence will be evaluated on its own when a judge exercises his or her gatekeeper function and when a jury performs its ultimate decision-making role. In these legal settings at least, societal attitudes to biometrics are much less important than societal attitudes toward specific biometric techniques. It is possible that opinions about techniques may change dramatically over time. For example, fingerprints are familiar and might be generally viewed as trustworthy, but people might be more skeptical of voiceprints or another more esoteric technology, no matter what the opinion of experts.

Privacy in a Legal Context and Potential Implications for Biometrics

Virtually every discussion of the social implications of biometrics begins with privacy, and for good reason. Biometric information is part of an individual’s identity (in the colloquial sense of the term), and a loss of control over that information can threaten autonomy and liberty.

In thinking about these concerns, context is crucial. There is no one-size-fits-all set of rules to ensure that a biometric system adequately protects privacy. It will be necessary instead to formulate policies for specific situations and to evaluate them as time passes. Nor is there a guarantee of success. Biometric technologies do not inevitably threaten privacy: They could be neutral in that regard or they could even enhance privacy. The outcome depends on the choices our society makes.

29

Molly Treadwell Johnson et al., “Expert Testimony in Federal Civil Trials: A Preliminary Analysis,” Federal Judicial Center (2000), at 5-6. Available at http://www.fjc.gov/public/pdf.nsf/lookup/ExpTesti.pdf/$file/ExpTesti.pdf.

30

See General Electric v. Joiner, 522 U.S. 136 (1997) at 149 (Breyer, J., concurring).

31

See, for example, State v. Porter, 698 A.2d 739 (Connecticut, 1997).

32

Julian Adams, Nuclear and mitochondrial DNA in the courtroom, Journal of Law and Policy 13:69 (2005).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
The Public Sector and Privacy Rights

Privacy implicates a variety of constitutional norms in our legal culture. In the public sector, the government’s failure to safeguard personal information can implicate due process, its abuse of information can stifle free speech, and its failure to have an adequate basis for acquiring information can challenge our protections against unreasonable search and seizure as well as self-incrimination.

Rather than reiterate the many surveys that have come before, here we consider two recent decisions of the Supreme Court that relate to the intersection of biometrics and privacy rights. While these cases do not directly concern biometrics, some of their potential implications for that field are noted.


Hiibel v. Sixth Judicial District Court Consider first the Supreme Court’s 2004 decision in Hiibel v. Sixth Judicial District Court.33 Deputy Sheriff Lee Dove of Humboldt County, Nevada, was dispatched to investigate a telephone call reporting that a man in a red and silver GMC truck on Grass Valley Road had assaulted a woman. When Dove found the truck, he saw a woman sitting in it and a man standing beside it. Dove asked the man for identification, and the man refused. As Dove repeated the request, the man became agitated and said he had done nothing wrong, to which Dove replied that he wanted to know who the man was and why he was there. Eventually, after requesting identification 11 times and warning the man he would be arrested for failure to comply, Dove arrested the individual.

The arrested individual, Larry Dudley Hiibel, was charged under Nevada law with having obstructed a police officer by failing to identify himself. Nevada and some other states make it a crime to fail to identify oneself when stopped by a law enforcement officer. Hiibel was convicted and fined $250. His appeal, contending the Nevada law violated his Fourth and Fifth Amendment rights, ultimately reached the Supreme Court. A five-member majority of the Court affirmed Hiibel’s conviction. Four Justices dissented. For more detail on the arguments and decisions, see Box 4.1.

Biometrics makes the issues in Hiibel more pressing than ever. Consider police use of facial recognition technology, which has been tried on a limited basis in a few jurisdictions.34 Let us imagine a full-blown system in which officers on patrol have the ability to take digital images and compare them in real time with a variety of databases. Suppose Officer Dove

33

542 U.S. 177 (2004).

34

See, for example, Outsmarting the bad guys, Los Angeles Times, September 29, 2005, p. B2.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

BOX 4.1

The Legal Arguments in Hiibel

Nevada recognized that Officer Dove lacked the probable cause required by the Fourth Amendment to arrest Hiibel. It relied on the Supreme Court’s 1968 opinion, which held that “reasonable suspicion” was an adequate Fourth Amendment standard when officers simply stop individuals against their will and pat them down to make sure they are not carrying a weapon (Terry v. Ohio, 392 U.S. 1 (1968)). Under Terry and later decisions, a suspicious officer can stop an individual and ask questions (also INS v. Delgado, 466 U.S. 210 (1984)). The Terry decision left open what recourse, if any, a police officer had if the individual refused to answer those questions. In a concurring opinion in Terry (392 U.S., at 34), Justice White wrote as follows: “Of course, the person stopped is not obliged to answer, answers may not be compelled, and refusal to answer furnishes no basis for arrest, although it may alert the officer to the need for continued observation.”

Hiibel urged the Court to adopt Justice White’s view. The Fourth Amendment’s protection of privacy, in Hiibel’s view, should prevent the government from forcing him to reveal his identity or answer other questions in the absence of probable cause that he had done something wrong. The closely related Fifth Amendment protection against self-incrimination should have the same result.

Justice Kennedy’s opinion for the Court rejected Hiibel’s arguments and thus Justice White’s assumption in Terry that when you are stopped by a police officer without probable cause you do not have to answer questions. The Court reasoned that the state of Nevada had a strong interest in requiring people to identify themselves (542 U.S., at 186):

Knowledge of identity may inform an officer that a suspect is wanted for another offense, or has a record of violence or mental disorder. On the other hand, knowing identity may help clear a suspect and allow the police to concentrate their efforts elsewhere. Identity

had not asked Larry Hiibel a single question—that instead, upon finding the GMC truck with a woman inside and a man beside it, Dove, without the man’s consent, had taken a digital image and compared it with images in a variety of databases. Would Hiibel have suffered an unacceptable invasion of privacy?

Much like the question of whether the failure to answer a police officer’s questions may be criminalized, this is a question for the legislature. Thus states (and the federal government) would have to decide whether to authorize their law enforcement officials to use facial recognition technology in this way.

In states that do allow the technology, adversely affected individuals could still go to court and argue that their constitutional rights had been violated. The narrowly drawn, five-to-four decision in Hiibel does not resolve the question. In one sense, the government is in a stronger position here. The self-incrimination issue is not present with facial recognition technology, since a Fifth Amendment claim requires that you be com-

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

may prove particularly important in cases such as this, where the police are investigating what appears to be a domestic assault. Officers called to investigate domestic disputes need to know whom they are dealing with in order to assess the situation, the threat to their own safety, and possible danger to the potential victim.

Justice Kennedy’s opinion for the Court also rejected Hiibel’s Fifth Amendment claim, although it left open the possibility that such a claim might succeed in a different situation. The Court reasoned that Hiibel had never explained how revealing his name would incriminate him. “As best we can tell,” the Court said, “petitioner refused to identify himself only because he thought his name was none of the officer’s business” (idem, at 190). The Court noted that “a case may arise where there is a substantial allegation that furnishing identity at the time of a stop would have given the police a link in the chain of evidence needed to convict the individual of a separate offense” (idem, at 191). In such a case, the Court would revisit the Fifth Amendment issue.

The four dissenting justices believed that Justice White had been correct in Terry: Given the absence of probable cause, the state cannot invade one’s privacy by compelling an answer to its questions. One of the dissenters, Justice Stevens, emphasized that the Nevada statute imposed a duty to speak on a “specific class of individuals”—namely, those who had been detained by the police (idem, at 191, Stevens, dissenting). Stevens characterized the privacy interest of that group in the following terms (idem at 196, Stevens, dissenting):

A person’s identity obviously bears informational and incriminating worth, ‘even if the [name] itself is not inculpatory.’… A name can provide the key to a broad array of information about the person, particularly in the hands of a police officer with access to a range of law enforcement databases. And that information, in turn, can be tremendously useful in a criminal prosecution. It is therefore quite wrong to suggest that a person’s identity provides a link in the chain to incriminating evidence ‘only in unusual circumstances.’

pelled to testify. While the Court in Hiibel assumed that giving one’s name is testimonial, it had previously held that the provision of nontestimonial evidence, such as a blood sample or a fingerprint, is not.35 However, the closely related Fourth Amendment issue remains: Does taking the image of an individual who is not subject to arrest without his or her consent and comparing it to a database constitute reasonable search and seizure?

Of course, a police officer has always been free to look at any individual and compare his likeness with that on wanted posters. But to many Americans, and potentially many legislatures, the use of technology to help do this makes a difference (see the discussion earlier in this chapter of individuals and identity). The possible loss of privacy posed by automated facial recognition technology may or may not be outweighed by possibly better law enforcement.

35

See Schmerber v. California, 384 U.S. 757 (1966).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

The opinions in Hiibel illuminate the competing considerations. To some, Justice Kennedy’s image of police officers who can quickly separate those who are dangerous or wanted from those who are at risk or innocent is an attractive picture indeed. Others are more likely to see Justice Stevens’s world, where facial recognition databases cast a wide net to ensnare people stopped without probable cause.

The reliability of a biometric system, such as the facial recognition system hypothesized here, is obviously relevant to this inquiry. No one wants to be arrested for a crime he did not commit, and no one wants dangerous felons to go free because of devices that malfunction. But even a reliable system does not function successfully without additional safeguards. Lurking behind Justice Stevens’s image of law enforcement databases is a concern that technology makes it easier than ever to invade privacy by allowing information gathered for one purpose to be used for another.

This, of course, is an important concern for those who fear government databases might be improperly used for political purposes. The constitutional issue here is typically framed in terms of our First Amendment rights to free speech and assembly. The Supreme Court has often found that these rights include the right to remain anonymous in certain settings.36

In 1999 in Buckley v. American Constitutional Law Foundation,37 the Court struck down a Colorado requirement that individuals circulating ballot initiative petitions must wear a badge bearing their name. The Court noted here that ballot initiatives were often very controversial and that the requirement deterred participation in the political process, in effect saying that in some settings, facial recognition technology could compromise free speech by in essence making everyone wear an identification badge.

Of course, we give up some measure of privacy when we appear in public. And our remaining privacy interests are not absolute. But judicial recognitions of the importance of anonymity give us a way to understand

36

In 1958, the Court stuck down an Alabama statute requiring organizations to disclose their membership to the state. The plaintiff was the NAACP, which clearly would have been threatened by the state’s requirement (see NAACP v. Alabama, 357 U.S. 449 (1958)). Since then, the Court has invalidated a Los Angeles ordinance requiring any publicly distributed handbill to identify its author, as well as a broader ban in Ohio on anonymous campaign literature (see Talley v. California, 362 U.S. 60 (1960); McIntyre v. Ohio Elections Commission, 514 U.S. 334 (1995)). These results and others like them are hardly surprising, given our political history: The Federalist Papers, which built support for the Constitution and which play a role in its interpretation to this day, were published under pseudonyms.

37

525 U.S. 182 (1999).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

Larry Hiibel’s insistence that he did not identify himself because his name was “none of the officer’s business.”38

It bears repeating that there is nothing intrinsic to biometrics that automatically aggravates Larry Hiibel’s problem. Police officers relying on their own judgment unaided by technology can easily make politically or racially motivated decisions that improperly invade privacy. In some settings, biometric systems could alleviate rather than worsen these problems, by relieving the individual law enforcement agent of the recognition task and assigning it to a common automated system that presumably performs equally and repeatedly for all agents. Such a system would, of course, be subject to all of the usual technological and environmental factors discussed elsewhere in this report that might degrade its effectiveness.

In the end, many aspects of the intersection between the Hiibel decision and biometrics come down to control over the uses of databases. Consider again a facial recognition system employed by an officer on patrol. A legislature might understandably want to reap the benefits of such a system while eliminating its misuse. Suppose the state curtailed the use of the system by saying that images of those under suspicion should be compared only to a database of convicted felons. Is there any constitutional requirement that this limit be abided by? The Supreme Court has not answered this question, although it has suggested that a state might violate due process if it does not take reasonable steps to stop unwarranted disclosures of data.

The suggestion came in the Court’s decision in Whalen v. Roe, 429 U.S. 589 (1977). A New York statute required that prescriptions for legitimate but addictive drugs be recorded on a computer database to prevent abuses such as users obtaining prescriptions from more than one doctor. Although the computer system was set up to prevent leaks and public disclosure of the identity of patients was made a crime, the system was challenged by those who feared that the information could get out, stigmatizing patients as addicts in violation of their privacy rights. The statute was upheld, with the Court noting that no evidence of information falling into the wrong hands had been presented.39 In his opinion for the Court, Justice Stevens, in an oft-quoted passage (idem at 605-606), left open the possibility that some future database might not be constitutionally acceptable if it were not adequately protected against improper use:

We are not unaware of the threat to privacy implicit in the accumulation of vast amounts of personal information in computerized data banks or other massive government files…. The right to collect and use such data

38

Hiibel v. Sixth Judicial District Court, 542 U.S. 177, 190 (2004).

39

429 U.S., at 601.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

for public purposes is typically accompanied by a concomitant statutory or regulatory duty to avoid unwarranted disclosures. Recognizing that in some circumstances that duty arguably has its roots in the Constitution, nevertheless New York’s statutory scheme … evidences a proper concern with, and protection of, the individual’s interest in privacy. We therefore need not, and do not, decide any question which might be presented by the unwarranted disclosure of accumulated private data whether intentional or unintentional or by a system that did not contain comparable security provisions. We simply hold that this record does not establish an invasion of any right or liberty protected by the Fourteenth Amendment.

This recognition that the due process clause of the Fourteenth Amendment might protect informational privacy is clearly important. It suggests that a government biometric database with inadequate safeguards could be successfully challenged by an individual in that database on the ground that the government had violated his or her liberty. Moreover, regardless of whether a challenge in court would succeed, it is clear that the public desires protection from unwarranted disclosures from databases of all kinds. Biometric systems will be judged by that standard.


Kyllo v. United States The other recent Supreme Court decision that casts light on privacy and biometrics is Kyllo v. United States.40 Federal Agent William Elliott suspected that marijuana was being grown in the home of Danny Kyllo, but he lacked the probable cause necessary to obtain a search warrant. Accordingly, Agent Elliott sat in a car in the street next to Kyllo’s home and used a thermal imager to scan the residence. The imager detected infrared radiation coming from Kyllo’s house. The pattern revealed that portions of the house were hotter than the rest of the house and the neighboring homes. Agent Elliott concluded that Kyllo was using halide lights to grow marijuana. Using this and other information, Elliott obtained a warrant for a search. Once inside Kyllo’s home, federal agents found more than a hundred marijuana plants. Kyllo, who was eventually convicted of manufacturing marijuana, appealed on the ground that using a thermal imager without probable cause constituted an unreasonable search under the Fourth Amendment. The Supreme Court, in another 5-4 decision, agreed with Kyllo. See Box 4.2 for an overview of the arguments used.

Two main lessons for biometrics emerge from Kyllo. The first is that as a technology advances and becomes widespread, our zone of constitutionally guaranteed privacy shrinks. The Court recognizes, moreover, that our society’s expectations of privacy set the baseline for laws

40

533 U.S. 27 (2001).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

governing searches. In California v. Ciraolo, noted in Box 4.2, the Court, in upholding aerial surveillance of a fenced backyard, explicitly said that “in an age where private and commercial flight in the public airways is routine, it is unreasonable to expect” that one’s backyard is private.41 In Kyllo the Court implied that if thermal imagers had been in common use its decision would have been different. Thus if the day comes when a biometric device that analyzes voices can function from a hundred feet or so and extend its range into a private home, and if use of that device becomes widespread, the Fourth Amendment will have little application.

If the first lesson offers a boost for biometrics, the second lesson does the opposite. All nine justices in Kyllo expressed concern about future technologies that impinge on privacy. The majority wanted to step in now; the dissent wanted to let the legislatures have the first crack at controlling future developments. On this question, the nine justices on the Supreme Court are representative of a wide span of public opinion. The ability of the government to use biometrics to, say, track people’s movements around their neighborhood or even inside their own homes will raise red flags for those concerned about privacy and government intrusion. Public assent, so crucial, is likely to be lacking unless the application of biometrics is highly justifiable and carefully circumscribed.

Finally, going from protections provided by the Constitution to the less lofty ones provided by statute, we find a series of federal and state laws that tend to control certain government databases on a sector-by-sector basis with varying success. Many of these statutes incorporate the Fair Information Practices code developed by the then-Department of Health, Education and Welfare in 1973 and incorporated into the federal Privacy Act of 1974. The strengths and weaknesses of these statutes have been exhaustively analyzed.42 As Hiibel, Kyllo, and the other cases mentioned above demonstrate, in many sensitive areas an individual has no statutory protections and must rely on constitutional arguments.

The Private Sector and Privacy Rights

In Whalen v. Roe, Justice Stevens spoke of the threat to privacy posed by “massive government files.”43 But what about information held in private hands? Many Americans are just as concerned or even more so about the loss of privacy when personal information is given to their employer or demanded in an online private transaction. Suppose a bank gives its

41

476 U.S., at 215.

42

See, for example, Daniel J. Solove, Marc Rotenberg, and Paul M. Schwartz, Information Privacy Law, 2nd edition, pp. 523-622, New York: Aspen Publishers (2006).

43

429 U.S., at 605.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

BOX 4.2

The Legal Arguments in Kyllo

Although Justice Scalia’s opinion for the Court emphasized the Constitution’s traditional protection for the privacy of the home, he recognized that visual surveillance of the home without probable cause has long been allowed. In addition, his opinion for the Court conceded that “it would be foolish to contend that the degree of privacy secured to citizens by the Fourth Amendment has been entirely unaffected by the advance of technology” (533 U.S., at 33-34). For example, the Court had permitted aerial surveillance of the backyard of a private house, even though a fence shielded the yard from the street (California v. Ciraolo, 476 U.S. 207 (1986)).

Why did the Court disallow the use of the evidence adduced by the thermal imager? The Court relied on a test that stemmed from the case of Katz v. the United States (389 U.S. 347 (1967)). Katz upheld a challenge to warrantless eavesdropping by an electronic listening device placed on the outside of a telephone booth because Katz had justifiably relied on the privacy of the booth. The test held that “a Fourth Amendment search occurs when the government violates a subjective expectation of privacy that society recognizes as reasonable” (idem, at 33).

The Court recognized that the Katz test had been criticized as circular and unpredictable (idem, at 34), but it declined to revisit Katz in the setting of the thermal imaging of a private home. The Court also recognized that changing societal expectations of privacy affect Fourth Amendment rights under the Katz approach. In its opinion, the Court twice noted that the search of Kyllo’s home was being set aside in part because the thermal imaging device was “not in general public use” (idem, at 34 and 40).

A final feature of the majority’s opinion was the evident concern that more advanced technologies could reach into the privacy of the home. The Court said that “while the technology used in the present case was relatively crude, the rule we

customers the option of using fingerprints rather than a password to access an ATM. The bank may believe it is enhancing privacy because a password is easily stolen. But if the bank’s fingerprint database is not adequately secured, a purposeful or accidental disclosure of that data could lead to identity theft. Suppose an employer conducts a biometric scan of its workers to facilitate access to the secure workplace when a badge is lost. If the biometric modality chosen happened to also reveal information about a worker’s health, that information could be misused by the employer, by insurance companies, or others.

Justice Stevens’s reference to “government” files was not inadvertent. The individual freedoms guaranteed by the U.S. Constitution are virtually all protections against government overreach. The Bill of Rights protects us from government suppression of free speech and religion, government establishment of religion, improper searches by government officials, deprivations of due process by the government, and so on. Similarly,

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

adopt must take account of more sophisticated systems that are already in use or in development” (p. 36). The Court then detailed what it had in mind (idem, at 36, note 3):

The ability to “see” through walls and other opaque barriers is a clear, and scientifically feasible, goal of law enforcement research and development. The National Law Enforcement and Corrections Technology Center, a program within the United States Department of Justice, features on its Internet Website projects that include a “Radar-Based Through-the-Wall Surveillance System,” “Handheld Ultrasound Through the Wall Surveillance,” and a “Radar Flashlight” that “will enable law enforcement officers to detect individuals through interior building walls.”

The four dissenting justices believed that Danny Kyllo had no reasonable expectation of privacy in heat emissions that were being sensed after they had left his house. In the dissenters’ view, Agent Elliott’s use of a “fairly primitive thermal imager” was no different than if he had noticed that Kyllo’s house was warmer than a nearby building because “snow melts at different rates across its surfaces” (pp. 41 and 43, Stevens, dissenting). But the dissent was not prepared to say that advanced technology should always be absolved from Fourth Amendment scrutiny because it is nothing more than an enhancement of our senses. On that subject, Justice Stevens’s dissent on p. 51 took a wait-and-see attitude:

Although the Court is properly and commendably concerned about the threats to privacy that may flow from advances in the technology available to the law enforcement profession, it has unfortunately failed to heed the tried and true counsel of judicial restraint. Instead of concentrating on the rather mundane issue that is actually presented by the case before it, the Court has endeavored to craft an all-encompassing rule for the future. It would be far wiser to give legislators an unimpeded opportunity to grapple with these emerging issues rather than to shackle them with prematurely devised constitutional constraints.

Articles I, II, and III of the Constitution protect us from oppression by dividing government power between the federal and state governments and by dividing the federal government’s power among the legislative, executive, and judicial branches.

The infringement of privacy by a private entity, including privacy of biometric information, can be protected against by legislation. But some limitations to this approach should be noted at the outset. While federal laws can be drafted that preempt state action, most such laws leave room for complementary state regulation, leading to debates over coverage. Moreover, when the federal government does not preempt or when it is silent, state laws typically differ from state to state, raising problems for businesses seeking to comply with the law and for enforcement efforts. Finally, only constitutional protections extend to minorities who lose out in legislative battles. For example, if the private sector depriving you of a

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

job is in compliance with all relevant legislation, you have no recourse in court even if you believe you have been treated unfairly.44

Biometric information held by private companies is subject to constraints beyond those imposed by legislation. One such constraint might be self-regulation, which a company might impose to gain a market edge. Another such constraint might be common-law protections. An employee or a consumer might enter into a contract with a company that promises to protect biometric data and would risk breach of contract if it did not do so. Similarly, a company that failed to meet accepted standards in protecting information might be liable for negligence in a tort suit. However, continuing public concern about privacy suggests that market failures and the limits of relief achievable with retrospective common law make further legislative action likely.

There are many possible ways to regulate biometric technologies and systems that might provide needed protections for the public and build its confidence in the private sector. Some would be relevant to government databases as well. In response to the continuing concern over identity theft and fraud, some jurisdictions are considering enacting laws to prohibit the selling and sharing of an individual’s biometric data, absent consent or compelling circumstances.45

Privacy concerns should be attended to when a biometric deployment is being implemented. For example, in answering the question of whether to store biometric data as processed references or in source samples or images, which approach best protects privacy should be considered. The same is true of the choice between local or centralized storage of biometric data—a choice that has significant security and privacy implications. Encryption of biometric data is often vital. Perhaps most important, the use of biometric systems should be defined and limited at the outset of a program, by legislation when appropriate. The temptation to use information for new purposes never justified to the public should be resisted.

In the end, working as hard on privacy as on technical success will help assure that biometric programs maintain or even enhance individual autonomy as they achieve social goals. Failure to do so will result in biometric programs that undermine American values while potentially bringing about their own failure due to public resistance.

44

The NRC report Who Goes There? Authentication Through the Lens of Privacy (2003) found that personal information held by the private sector is afforded weaker statutory protections than information held by the federal or state governments and that much detailed personal information in the hands of businesses is available for reuse and resale to private third parties or to the government, with little in the way of legal standards or procedural protections.

45

Illinois passed such a law in 2008 (740 ILCS 14/), the Biometric Information Privacy Act. Available at http://www.ilga.gov/.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

DATA POLICIES

Biometric data are personally identifying information.46 Thus biometric systems have the potential to collect not only pattern recognition information captured by sensors, but also other information that can be associated with the biometric data themselves or with data records already contained within the system. Depending on the biometric system, this information could include time and location of use, identification data (for example, name or Social Security number, and so on) and, in some cases, medical measurements (for example, glucose levels).47 Additional data may be created when a decision is generated by the system (positive or negative recognition) that may be stored or shared with another system. Given the increasing volumes and kinds of data associated with a biometric system, data policies are important to answer a variety of questions that arise regarding sharing, storage, integrity, and confidentiality of the biometric system data.

Biometric systems are often associated with an identity system. Biometric data may be correlated across identity systems to recognize individuals. The data associated with an individual collected by different organizations using the same biometric modality may be similar but almost certainly not identical, because the sample acquisition for enrollment will vary (see Chapter 1 for elaboration on sources of uncertainty and variation in biometric systems).

An earlier NRC report addressed a set of questions and issues that arise particularly in the context of an identity system. For the most part, they apply to biometric recognition systems. The questions are reprinted for reference.48

  • What is the purpose of the system? Possible purposes of an identity system include expediting and/or tracking travel; prospectively monitoring individuals’ activities in order to detect suspicious acts; retrospectively identifying perpetrators of crimes.

  • What is the scope of the population to whom an “ID” would be issued and, presumably, recorded in the system? How would the identities of these individuals be authenticated?

46

The Data Protection Working Party is the independent European Union advisory body on data protection and privacy, established under Article 29 of Directive 95/46/EC. It determined that in most cases biometric data are personal data and can in all cases be considered as “information relating to a natural person.” Available at http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2003/wp80_en.pdf.

47

While biometric data captured by systems using the most common modalities do not contain medical information, some emerging technologies capture traits such as heartbeat patterns, which directly convey medical data.

48

NRC, IDs—Not That Easy: Questions About Nationwide Identity Systems. Washington, D.C.: The National Academies Press, pp. 9-11 (2002).

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
  • What is the scope of the data that would be gathered about individuals participating in the system and correlated with their system identity? “Identification systems,” despite the name, often do much more than just identify individuals; many identity systems use IDs as keys to a much larger collection of data. Are these data identity data only (and what is meant by identity data)? Or are other data collected, stored, and/or analyzed as well? With what confidence would the accuracy and quality of this data be established and subsequently determined?

  • Who would be the user(s) of the system (as opposed to those who would participate in the system by having an ID)? If the public sector or government will be the primary user, what parts of the government will be users, in what contexts, and with what constraints? In what setting(s) in the public sphere would such a system be used? Would state and local governments have access to the system? Would the private sector be allowed to use the system? What entities in the private sector would be allowed to use the system? Who could contribute, view, and/or edit data in the system?

  • What types of use would be allowed? Who would be able to ask for an ID, and under what circumstances? Assuming that there are datasets associated with an individual’s identity, what types of queries would be permitted (e.g., “Is this person allowed to travel?” “Does this person have a criminal record?”). Beyond simple queries, would analysis and data mining of the information collected be permitted? If so, who would be allowed to do such analysis and for what purpose(s)?

  • Would participation in and/or identification by the system be voluntary or mandatory? In addition, would participants have to be aware of or consent to having their IDs checked (as opposed to, for example, being subjected to surreptitious facial recognition)?

  • What legal structures protect the system’s integrity as well as the data subject’s privacy and due process rights, and which structures determine the liability of the government and relying parties for system misuse or failure?

Information-Sharing Issues

With increased use of biometrics, there is legitimate concern about how information stored in biometric databases might be shared. Sharing can extend the administrative reach of biometric findings. It could also afford valuable facts for management and research studies. However, such sharing presents significant privacy and confidentiality challenges. Systematic approaches in law, regulation, or technology to resolve the tension between the evident demand to share more biometric information and the cautions of privacy and technology are lacking. In particular, no

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

comprehensive federal policy exists to guide sharing information from biometric databases.49

The sharing of information from biometric databases occurs when the records in one database are integrated with those in other databases and when data are disseminated directly to users. Most biometric systems today involve databases to which biometric samples captured from a population of individuals have been submitted and are later searched to find matching enrolled individuals with the same biometric characteristics. In some systems, a sample is compared to the reference biometric data associated with the claimed identity (which means maintaining a database of reference data, even if it is not searched at each use). A national system of ID cards or passports based on biometric data would rely on a database.

The costs of electronically capturing biometric samples and storing the data continue to drop, as do the costs of data integration and dissemination, and the technical ability to do so is expanding as well, serving to increase interest in storing biometric information in databases. The benefits of storage capacity and data integration and sharing could include the following:

  • Administrative efficiencies. One of the many applications might be giving a homeless shelter the ability to check whether an applicant has a criminal record; another might be allowing law enforcement to check whether a particular individual used a certain facility at a certain time.

  • Business purposes. Sports teams could collaborate to examine the usage patterns and demographics of their season ticket holders, perhaps to avoid issuing more tickets than they have seats or to look for joint advertising opportunities.

  • Research uses. Biometric data are needed for testing biometric system performance and for developing new systems and features.50

Although processing and sharing biometric information can bring many benefits, there are also concerns that stem from the ease with which biometrics technology integrates with database technology, increasing the likelihood of privacy violations. For this reason, it has been suggested

49

In addition to the lack of policy guidance, there can be logistical and practical challenges to information sharing. For example, even within the DOD structure, the GAO has found gaps in biometrics sharing across missions. See http://www.gao.gov/products/GAO-09-49. For a more thorough treatment of information sharing and privacy, not just with respect to biometrics but also generally, see Peter Swire, Privacy and information sharing in the war on terrorism, Villanova Law Review 51:260 (2006).

50

A. Ross, S. Crihalmeanu, L. Hornak, and S. Schuckers, A centralized web-enabled multi-modal biometric database, Proceedings of the 2004 Biometric Consortium Conference (BCC), September 2004.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

that privacy must be designed into the systems rather than added on at a later time.51

Currently there does not seem to be much of an ingrained culture of privacy protection for biometric databases, beyond that which exists for information systems generally or state and local efforts such as the Illinois statute mentioned previously. With the exception of some agencies, mainly statistical agencies, there is little historical tradition of maintaining the confidentiality of biometric databases. This is in spite of the fact that if biometric data associated with an individual falls into the wrong hands that individual could be at risk of identity theft.52 Moreover, sharing of information from biometric databases raises questions of (1) whether the information would be used for purposes not intended or inconsistent with the purposes of the original biometric application and (2) what information about intended uses of the system should be disclosed to users and how that information should be presented.

Protection of Biometric Data

The protection of personal information is not the only reason for protecting biometric data. Another is the desire to prevent third parties from linking records between systems, determining the enrolled users in a system, or discovering a doppelganger (an individual who is a close match for an enrolled user). The encryption of biometric data stored in centralized databases or on a personal device such as a smart card, coupled with appropriate security measures to limit probing of the database, can be effective in countering these threats. Encryption and database protection, however, are insufficient to protect against identity theft by an attacker impersonating an individual by mimicking his or her biometric traits.

It is natural to draw a parallel between password-based authentication and biometric verification of identity. In a password-based system, a secret password is presented to confirm a claimed identity; in a biometric verification system, the trait is presented to confirm the claimed identity. It would appear that exposure of an individual’s biometric data is comparable to disclosure of a secret password, with the added complication that while it is easy to replace a password, the same is not true for a biometric

51

“Biometric technology is inherently individuating and interfaces easily to database technology, making privacy violations easier and more damaging. If we are to deploy such systems, privacy must be designed into them from the beginning, as it is hard to retrofit complex systems for privacy.” Available at http://www.eff.org/Privacy/Surveillance/biometrics/.

52

As noted in Chapter 1, access to sensitive systems should rely not just on the presentation of the correct biometric sample but rather on the security of the full process. Concerns about identity theft arise because not all biometric systems offer adequate security, and some could be vulnerable to attack by impersonators.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×

trait. Further, biometric data are exposed not only when data leak from unencrypted or poorly protected databases—they can, at least in principle, be derived from publicly observable human traits. The submission of a password and the presentation of a biometric trait are not, however, analogous. As discussed in Chapter 1, the security value of a biometric verification system stems from measures surrounding the presentation and capture of the biometric trait. These measures cope with public disclosure of an individual’s biometric data by verifying that a presented trait is genuine and not an artifact employed by an attacker. However, when the sample capture is remote and unattended, as would be the case for most systems associated with computer access, there are few technical safeguards and minimal protection against the use of artifacts. In these circumstances, one would not expect a biometric recognition system to provide reliable protection against a premeditated attack.

SUMMARY

Although biometric systems can be beneficial, the potentially lifelong association of biometric traits with an individual, their potential use for remote detection, and their connection with identity records may raise social, cultural, and legal concerns. Such issues can affect a system’s acceptance by users, its performance, or the decision on whether to use it in the first place. Biometric recognition also raises important legal issues of remediation, authority, and reliability, and, of course, privacy. Ultimately, social, cultural, and legal factors are critical and should be taken into account in the design, development, and deployment of biometric recognition systems.

Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 85
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 86
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 87
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 88
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 89
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 90
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 91
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 92
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 93
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 94
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 95
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 96
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 97
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 98
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 99
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 100
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 101
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 102
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 103
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 104
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 105
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 106
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 107
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 108
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 109
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 110
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 111
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 112
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 113
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 114
Suggested Citation:"4 Cultural, Social, and Legal Considerations." National Research Council. 2010. Biometric Recognition: Challenges and Opportunities. Washington, DC: The National Academies Press. doi: 10.17226/12720.
×
Page 115
Next: 5 Research Opportunities and the Future of Biometrics »
Biometric Recognition: Challenges and Opportunities Get This Book
×
Buy Paperback | $44.00 Buy Ebook | $35.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

Biometric recognition--the automated recognition of individuals based on their behavioral and biological characteristic--is promoted as a way to help identify terrorists, provide better control of access to physical facilities and financial accounts, and increase the efficiency of access to services and their utilization. Biometric recognition has been applied to identification of criminals, patient tracking in medical informatics, and the personalization of social services, among other things. In spite of substantial effort, however, there remain unresolved questions about the effectiveness and management of systems for biometric recognition, as well as the appropriateness and societal impact of their use. Moreover, the general public has been exposed to biometrics largely as high-technology gadgets in spy thrillers or as fear-instilling instruments of state or corporate surveillance in speculative fiction.

Now, as biometric technologies appear poised for broader use, increased concerns about national security and the tracking of individuals as they cross borders have caused passports, visas, and border-crossing records to be linked to biometric data. A focus on fighting insurgencies and terrorism has led to the military deployment of biometric tools to enable recognition of individuals as friend or foe. Commercially, finger-imaging sensors, whose cost and physical size have been reduced, now appear on many laptop personal computers, handheld devices, mobile phones, and other consumer devices.

Biometric Recognition: Challenges and Opportunities addresses the issues surrounding broader implementation of this technology, making two main points: first, biometric recognition systems are incredibly complex, and need to be addressed as such. Second, biometric recognition is an inherently probabilistic endeavor. Consequently, even when the technology and the system in which it is embedded are behaving as designed, there is inevitable uncertainty and risk of error. This book elaborates on these themes in detail to provide policy makers, developers, and researchers a comprehensive assessment of biometric recognition that examines current capabilities, future possibilities, and the role of government in technology and system development.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!