In a recently released white paper, Information and Privacy commissioner of Ontario, Canada, Ann Cavoukian, and biometrics scientist Alex Stoianov, argue that a new biometric technology removes the privacy risks and concerns leveled at traditional biometric technology. Biometrics, which uses personal characteristics such as digital fingerprints and iris scans to identify individuals, has been criticized for its vulnerability to abuse by governments and to identity theft. Some U.S. agencies rely on digital fingerprints for identification, such as the U.S. VISIT program, which fingerprints visiting foreigners entering the United States. Those fingerprints are stored in a database.
In their white paper, Cavoukian and Stoianov acknowledge that "done poorly, biometric technologies can be highly privacy-invasive. Biometric data, once collected, can be stored, shared and used for numerous secondary purposes, inviting potential discrimination and identity theft."
But an emerging technology called Biometric Encryption dispenses with the need to store an image of, say, a fingerprint in a database in favor of using "the fingerprint [image] to encrypt or code some other information, like a PIN or account number, or cryptographic key, and only store the biometrically encrypted code, not the biometric itself. This removes the need for public or private sector organizations to collect and store actual biometric images in their database."
The technology, however, may not be enough to assuage fears in the European Union, which is facing strong opposition from citizens in all 27 EU countries to a proposed central fingerprint database, the London Times Online reports.