State use of biometric data: good or bad?

Biometric data is being harnessed the world over as a way of identifying us and protecting us from the fraudulent use of our personal information. And governments around the globe are making good use of such data. For example, India’s Aadhaar system, which makes use of biometric data to get rid of duplicate and false personal data in lists of state benefit recipients, has helped save an estimated USD 9 billion and is also helping many of the poor in India acquire an official status. But the use of biometrics by governments also increases the likelihood of governments misusing information to control the populace. China, for example, is open about its use of biometrics and artificial intelligence in policing efforts. Even in the West, there are alarming statistics that could indicate government overreach. For example, the U.S. is estimated to have biometric portraits of approximately 117 million citizens, and the U.K. has similar portraits of 12.5 million citizens – many of whom have no criminal records.

This collection and storage of biometric data is fundamentally changing the relationship between citizens and the state, and many citizens are challenging government storage and usage of biometric data. In the U.K., activist groups have filed lawsuits challenging the use of automatic face recognition by the police; in the U.S., testing of a facial recognition program have ceased. Even in India, the Supreme Court ruled that forcing Indians to use Aadhaar violated the right to privacy that is “an integral element of the right to life and personal liberty”.

Perhaps even more alarming is that many of these systems are not secure. This could lead to massive problems in the future (even larger than non-biometric data breaches) as biometric data cannot be changed, and errors in such systems are notoriously difficult to correct. Misuse or improperly-handled biometric data could be used for a myriad of actions that are harmful to us, all without our knowledge or consent. We must be vigilant and guarded in order to ensure that our data and privacy remain well-protected and within our control.