The Challenge of Biometrics

Post on 12-Jan-2016

Laurence Edge

Proposition

• Over-optimism re accuracy
• Enthusiasm to deploy
• Threats to Privacy?
• Immature legal framework

Agenda

• Biometrics – some definitions
• Technical background
• What are the issues?
• Solutions?

Definition - 1

“a general term for technologies that permit matches between a ‘live’ digital image of a part of the body and a previously recorded image of the same part usually indexed to personal or financial information” (Alterman - 2003)

Definition - 2

“measuring relevant attributes of living individuals or populations to identify active properties or unique characteristics” (Mordini - 2004)

Definition – 3 (mine!)

• unique physical characteristic capable of being matched automatically
• possible to match at acceptably low rates of error
• possible to perform automatic one-to-many identification matching, with a high accuracy (near 100%) against a reference database consisting of tens or hundreds of millions of records
• accepted in a court of law as a legal proof of identity

Authentication

Identification – selection of one from many e.g. fingerprints from a crime scene

Verification – “I am who I claim to be” e.g. passports or ID cards

The Technologies - Types

• Fingerprints
• Hand/Finger geometry
• Voice print
• Signatures
• Facial Recognition
• Vein Patterns
• Iris Recognition
• Retina Scans
• DNA
• Others

The Technologies - Concepts

• Generic method
• Accuracy
• General concerns

Generic Method - Enrolment

• Measure
• Generate template
• Record

Generic Method - Operation

Biometrics at the Frontiers: Assessing the Impact on Society (2005)

Accuracy?

Biometric Product Testing: Final report, Issue 1.0 (2001): CESG/BWG

Performance Improvements - Facial Recognition

Phillips et al. “FRVT 2006 and ICE 2006 Large-Scale Results”. (2007)

7 Pillars of (biometric) Wisdom

• Universality
• Uniqueness
• Permanence
• Collectability
• Performance
• Acceptability
• Circumvention

EC report: Biometrics at the Frontiers: Assessing the Impact on Society (2005)

The Technologies - Challenges

• Spoofing / Mimicry / Residual Images
• Usability
• Accessibility
• Hygiene
• Safety
• Secondary use
• Public Perception

DNA

• Physical sample required
• Slow to process
• Lowest FAR & FRR
• FTE & FTA of 0%

DNA – Uniqueness?

• 97% were happy to include a photograph
• 79% fingerprints
• 62% eye recognition (no distinction was made between iris and retina scans)
• 41% approved of the inclusion of DNA details

Hiltz, Han, Briller. “Public Attitudes towards a National Identity "Smart Card:" Privacy and Security Concerns” (2003)

DNA – Acceptability?

DNA – Foolproof?

• Scene of crime samples in particular may be contaminated, degraded, and misinterpreted (especially if mixed).
• Human errors (e.g. sample mix-ups) will occur.
• Need for corroborating evidence.
• Expanding databases could lead to an over-reliance on ‘cold hits’.
• Increased potential for ‘framing’ of suspects?

“The forensic use of Bioinformation: ethical issues”, Nuffield Council on Bioethics (2007)

Privacy Assessment - 1

1. Are users aware of the system's operation? Overt / Covert
2. Is the system optional or mandatory? Optional / Mandatory
3. Is the system used for identification or verification? Verification / Identification
4. Is the system deployed for a fixed period of time? Fixed Period / Indefinite
5. Is the deployment public or private sector? Private Sector / Public Sector

Privacy Assessment - 2

6. In what capacity is the user interacting with the system? Individual, Customer / Employee, Citizen
7. Who owns the biometric information? Enrollee / Institution
8. Where is the biometric data stored? Personal Storage / Database Storage
9. What type of biometric technology is being deployed? Behavioral / Physiological
10. Does the system utilize biometric templates, biometric images, or both? Templates / Images

International Biometric Group – www.bioprivacy.org

Risk Assessment - DNA

Positive Privacy Aspects
• Currently slow and complex to process
• Analysis device non portable

Negative Privacy Aspects
• Unchanging over subject’s whole lifetime
• Use in forensic applications
• Strong identification capabilities
• Not unique for identical twins
• Samples can be collected without consent/knowledge
• Possible to extract additional genetic information

Bioprivacy Technology Risk Rating
• Identification: H
• Covert: H
• Physiological: H
• Image: H
• Databases: H
• Risk Rating: H

Legal Background

• Enabling Legislation
• Constraints
• Uses and Abuses
• Challenges

Enabling Legislation

NDNAD's
• UK – 3.8 million samples by Jan 2007 (6%)
• Canada
• Australia
• NZ
• USA

Prüm: “Member States shall open and keep national DNA analysis files for the investigation of criminal offences”

Constraints

Privacy
• Human Rights
• US Constitution
• Common Law
• Privacy Acts

Data Protection Law

Challenges

UK – via HRA 1998 Articles 8 and/or 14
• R v Marper – now at ECHR (27 Feb 2008)

US – via 4th Amendment
• US v Kincade
• Johnson v Quander

Canada – via s.8 of CCRF
• R v Rodgers

Uses and Abuses

Collection and Retention
• Forensic DNAD's
• Other DNAD's

Data Sharing Privacy Challenges Evidence Scope Creep Ethics - What is identity?

Conclusion

• ID fraud becomes worse if there is a single strong identifier
• Biometrics do not offer non-repudiation
• Biometrics should be confined to smart cards or encrypted if on databases
• Biometrics are useless once compromised

Questions

laurence.edge@resultex.co.nz