Are we rapidly approaching an Orwellian state where the government will be able to simply turn on a computer, punch in your name and find out where you've been and what you've done today? With the rise of biometrics, this may already be a reality. In other words, the future is now.
Biometrics, the latest high-tech security measure being marketed as the protector of privacy, is instead an enormous threat to our privacy rights. Simply put, to verify a person's identity, biometric technology substitutes passwords and PIN numbers with body parts: a fingerprint, voice or iris or retina of the eye.
Resembling something out of a science fiction movie, biometric technology is being touted as privacy's friend. But civil rights groups, fearing widespread violations of our Fourth Amendment privacy rights, view these intrusive measures as privacy's foe.
The are a number of biometric techniques that use a unique body part or characteristic as an identifier. A person's voice, fingerprint, iris or retina can be scanned by camera, digitized and stored in a database--similar to scanning a bar code on merchandise. The most basic and widely used technique is fingerprint recognition. However, the iris scan is more advanced and is gaining in popularity. Other biometric identifiers include voice verification and retinal, facial and hand scanning.
The widespread use of biometrics is growing at an astounding pace, with sales expected to increase from 16.2 million in 1996 to 50 million in 1999. This technology is being used in widely diverse arenas, from financial institutions to correctional centers.
Biometrics is not used solely to protect access to an individual's private information. It can also be used to gather and store information about someone's whereabouts. In Cooke County, Illinois, for example, inmates are subjected to retinal scanning and tracked. The Immigration and Naturalization Service is now using hand scanners and voice recognition to keep tabs on those entering and leaving the country. Even college dining halls, such as the one at the University of Georgia, have resorted to biometrics to supervise and track student diners.
Employers are even using biometrics to gauge employee productivity. For example, Coca-Cola, requires its employees to use hand scanning instead of conventional time clocks to keep tabs on workers. This prevents one employee from clocking in or out for another.
With the biometric capability called "keystroke dynamics," which identifies individuals by their typing pattern, much like a fingerprint, many fear that employees will be monitored every minute of the day without their knowledge.
The biggest customers of this technology are credit card companies and banks, which use biometrics to protect against fraud and theft. From the private sector to the government, many institutions are relying on this electronic "security guard." In California, New Jersey and New York, the government has instituted biometrics to protect against welfare fraud, by requiring welfare recipients to have their fingerprints scanned.
"If banks can require our fingerprints today, what's next? Urine samples and blood tests?" asked an official from the California Public Interest Research Group. Advocates claim that biometrics is a protection against widespread fraud and theft. But Deborah Hurley of Harvard's Information Infrastructure Project cautions, "biometrics is using a hammer to kill a fly."
The risks to personal privacy that are inherent in biometrics are both numerous and severe. The selling or sharing of biometrical information is a potentially disastrous problem. Many fear that the database banks created for the purpose of verifying the identity of a customer or consumer will be shared or used for nefarious purposes. Imagine a future where companies sell your biological information and related consumer or financial profile, much like they sell your mailing address and phone number today.
Even worse than selling your personal information is someone stealing your identity. Bruce Schneier, president of a computer security firm, warns, "Biometrics is not a panacea." While an actual physical fingerprint is hard to steal, biometrics requires digitalization of a fingerprint or retina. However, "once it goes digital, it can be intercepted." Unlike a password, where if stolen it can be canceled and replaced with a new one, "once your fingerprints have been compromised, you can't get new ones."
Fortunately, some states are acknowledging the hazards posed by biometrics. Connecticut passed legislation prohibiting the use of captured biometric information for anything other than its intended purpose. Earlier this year, a bill was introduced in California that "treated biometrics like narcotics" making it a crime to "traffic" biometric information.
But overall the technology is advancing far more rapidly than the laws, leaving an unregulated "brave new world" of biometrics. "Who is entitled to this information?" asked Barry Steinhardt, an associate director of the American Civil Liberties Union. "What is the form of consent, and is it truly voluntary? What security is there against theft?" These vitally important questions remain unanswered and unheeded.