OTRAS PATOLOGÍAS

There are considerable criticisms surrounding biometrics. Despite important benefits over prior security measures and comparable technologies, there are issues and concerns. Many people realized the significant advantages as the technology has improved and used for monitoring and controlling identity (Bocozk, Buster, Fitzgerald III, Vacca, Welsh, & Wulf, 2005). A major negative concern is tracking. According to Electronic Frontier Foundation (2007):

By far the most significant negative aspect of biometric ID systems is their potential to locate and track people physically. While many surveillance systems seek to locate and track, biometric systems present the greatest danger precisely because they promise extremely high accuracy. (p. 4)

The other controversy surrounding biometrics is the loss of privacy (Archarya, 2006; Baird, 2002; Cavoukian, 1999; European Commission, 2005; Jain, Ross, &

Prabhakar, 2004; Jain, Bolle, & Pankanti, n.d; Newton & Woodward, 2001; NSTC, 2006d; Vollmer, 2006). As the rate of global implementation and adoption of biometrics systems increased, the concern that privacy and individual rights were invaded increased.

“In the United States, the freedom of the individual is perceived to be closely related to

his ability to operate somewhat autonomously and anonymously in the eyes of the state as well as other organizations” (Woodward, Webb, Newton, Bradley, & Rubenson, 2001, p.

22) that collected data from individuals without permission.

Privacy is what individuals do in their own space where they determined how and with whom to interact “either with trust, openness and sense of freedom, or with distrust, fear and a sense of insecurity” (Cavoukian, 1999, p. 29). Furthermore, privacy is where the individual’s interest and autonomy that usually will arise as an assertion against other people or organizations are threatened (NSTC, 2006d). Privacy advocates have raised concerns that biometrics technology will invade confidentiality and violate individual rights (Vollmer, 2006). On the other hand, biometrics is not inherently good or bad for privacy but can impact individual rights based on how it is designed, developed, and deployed (Pilgrim, 2007). Privacy apprehension was one of the significant problems confronting not only the biometrics industry but also any organization that gathered personal information (ANSI, 2005).

Key apprehensions of privacy issues related to the data subject, the individual, or the organization that gathered biometrics data. Perhaps the increasing discussions of privacy issues focused on individuals because users have no control over the distribution of their data and were wary of data misuse (Allan, 2002). Tiresias (2008) characterized different forms of privacy as:

Privacy Protective: A privacy-protective system is one used to protect or limit access to personal information, or which provides a means for an individual to establish a trusted identity.

Privacy Sympathetic: A privacy-sympathetic system is one that limits access to and usage of personal data and in which decisions regarding design issues such as storage and transmission of biometric data are informed, if not driven, by privacy concerns.

Privacy Neutral: A privacy-neutral system is one in which privacy is not an issue, or in which the potential privacy impact is slight. Privacy-neutral systems are difficult to misuse from a privacy perspective but do not have the capability to protect personal privacy.

Privacy Invasive: A privacy-invasive system facilitates or enables the usage of personal data in a fashion inconsistent with generally accepted privacy principles.

(p. 8)

Despite the increasing concern of privacy, another debate over the adoption of biometrics is about physical privacy that focused on user freedoms and continue to raise greater anxiety of the state watching (Archarya, 2005; ANSI, 2005; Rand, 2001;

Woodward, Webb, Newton, Bradley & Rubenson, 2001). Privacy advocates object to the use of biometrics and other verification tools for collecting individual’s information for fear of having a “ ‘surveillance society’ in which governments and private corporations were collecting increasing amounts of personal data, sometimes without justification”

(Archarya, 2005, p. 8).

Such a situation is dubbed “Big Brother” and is a social control mechanism (Archarya, 2005; Cavoukian, 1999; Lease, 2005). ANSI (2005) and Woodward et al.

(2001), on the other hand, elevated the trepidation of physical privacy that included stigmatization, actual harm, and hygiene. An example of stigmatization is the association

of fingerprinting with criminal activity (ANSI, 2005; Woodward et al., 2001). Another major criticism and disapproval of biometrics is referred to as function creep (Archarya, 2005; ANSI, 2005; Lease, 2005; Liu, 2008; Mordini & Petrini, 2007; Pilgrim, 2007).

This will occur when the data collected for one specific purpose is subsequently used for another unintended exploit without justification or authorization of the data subjects (Archarya, 2005). This violated accepted privacy principles (Tiresias, 2008). Lease (2005) cited a typical example of function creep in the following instance:

The classic example of function creep is the use of the Social Security Number (SSN) ... the original Social Security cards containing the SSN bore the legend,

“Not for Identification”... By 1961, the IRS began using the SSN for tax identification purposes. By 2002, countless transactions from credit to

employment to insurance to many states’ drivers licenses require a Social Security Number and countless private organizations ask for it even when it is not needed specifically for the transaction at hand. (p. 57)

Today, social security numbers are stolen and used to commit criminal activities such as identity fraud.

Other controversial concerns surrounding biometrics are the collection of data catalogued (Watkins, 2007). Humans see this as the mere reduction of individuals as identifiers that can be associated to commit crimes. It is difficult to easily substitute biometric data compared to credit card (Watkins, 2007). Once the digital identifier is breached, it is not possible to use it for identification, authentication, and comparisons of records in the central database. The automation of recognition is another controversy of the technology (Watkins, 2007). The reason to automate the process is to avoid human

errors. If the system fails, who will be responsible to correct the mistakes? It must be realized that the cost might be consequential.

The growing health concern is another cause of apprehension. Users have raised the anxiety of the cleanliness of sensors used to capture data from fingerprint, iris, and facial scans (Bocozk, Buster, Fitzgerald III, Vacca, Welsh, & Wulf, 2005). Although there is no report that confirmed any health issue associated with biometrics, however, this can instill fear on users and discourage them from biometrics enrollment and verification process.

Such concern really merited further investigation from health professionals, vendors, and biometrics subject experts. The religious objection can arise from different groups. This is particularly necessary due to legal and societal emphasis of respect on religious beliefs (Bocozk et al, 2005). These controversies notwithstanding, (Lease, 2005) further stated that “supporters of biometric authentication systems argue that properly deployed and with adequate best practice controls, biometric systems can actually function to enhance and protect privacy” (p. 57).

It is important to recognize the need for privacy principles, formulate, and align capability with an intention to protect users from unauthorized intrusion. Biometrics experts claimed that the potential application of the technology is tremendous. Its use and, consequently, its acceptance is inevitable (Cavoukian, 1999). However, as

governments continued to adopt and rapidly implement the technology, the privacy of the individual has been threatened (Vollmer, 2006). It is, therefore, necessary to implement protective safeguards in conjunction with the technology so that public safety and protection are maximized while the intrusion of individual’s privacy is minimized

(Vollmer, 2006). This will avoid the anxiety of stigmatization. Still, the protection of personal privacy will partly depend on system design, implementation, training, and usability.

Businesses will need to accept the responsibility to protect customer data and, therefore, privacy. “To appropriately and effectively balance the use of biometric information for legitimate business purposes with the customer’s right to privacy, companies should adopt and implement the fair information practices and requirements”

(Cavoukian, 1999, p. 44). Some of the fair information practices and requirements are to minimize or avoid unauthorized data collection, unnecessary/unreasonable collection of data, unauthorized use, and unauthorized disclosure (Cavoukian, 1999).

Contrary to Cavoukian’s stated position, ANSI (2005) offered the solution of biometrics application through privacy enhancing technologies (PETs). These are coherent systems of information and communication technology (ICT) measures that protected privacy through an elimination or reduction of personal data or through prevention of unnecessary and/or undesired processing of personal data—all without losing the functionality of the data system.

Technology is not foolproof and using biometrics to verify and identify

individuals will continue to cause public outcry from privacy watchdogs. It is important, therefore, that safeguards are incorporated and that organizations implemented sufficient privacy principles to protect individual’s security and minimize the compromise of customer data. This will give subjects the assurance that information about them are controlled and protected and not sold to third-party vendors as data aggregates or stolen

to be used in criminal activities. The public will trust organizations with their data and the system will be seen as enhancing security and protecting privacy.

Part 5: Biometrics Adoption and the Technology Acceptance Model (TAM)