SlideShare uma empresa Scribd logo

Biometric Personal Data, Legal and Technological Utilization Issues

Transferir como PPTX, PDF
G
GiannisBasa

Dados e análise
1 de 20
BIOMETRIC PERSONAL DATA LEGAL AND TECHNOLOGICAL UTILIZATION ISSUES GIANNIS BASA | LinkedIn | johbasa@gmail.com
TABLE OF CONTENTS 02 BIOMETRY FACE RECOGNITION ADVANTAGES OF BIOMETRIC DATA ETHICAL AND LEGAL ISSUES TECHNOLOGICAL WEAKNESSES APPLICATIONS EUROPE AND BIOMETRIC DATA US AND BIOMETRIC DATA CHINA AND BIOMETRIC DATA POINTS FOR CONSIDERATION
03 BIOMETRY The word ‘biometrics’ comes from the Greek words ‘βίος’ (meaning life) and ‘μετρον’ (meaning measure). Biometrics refers to the identification or verification of a person, based on some physiological and / or behavioral characteristics.
04 FACE RECOGNITION Face recognition is a method that is used daily and is essential for effective communication and interaction between people. Face recognition covers a wide range of scientific fields and presents a variety of applications such as, entry controls, surveillance, security, surveillance systems and a number of many other applications.
05 ADVANTAGES OF BIOMETRIC DATA Methods that use biometric identification are particularly effective because they use biometric data that is unique to each person. Biometric data are permanent and non-modifiable. Unlike traditional methods of identification such as licence or identity, biometric data is not transferred to another person nor is stolen. Finally, using biometric data in identification systems achieves a higher speed of verification compared to conventional identification methods.
06 ETHICAL AND LEGAL ISSUES There is no Consent to Receive the Data Biases There is an Automated Surveillance Operates without a Clear Legal Framework It violates the Principles of Necessity Violation of the Right to Privacy It affects Political Culture Data Theft
07 TECHNOLOGICAL WEAKNESSES 2003 The first report on the accuracy of facial recognition algorithms from the National Institute of Standards and Technology (NIST). Researchers from Microsoft and MIT have investigated the accuracy of the distinctions made by facial recognition algorithms. 2018 2019 Another study on the reliability of facial recognition algorithms from the National Institute of Standards and Technology (NIST). Access and leak biometric data from India's largest national database, Aadhaar. 20182014 Marriott data breach. British Airways data breach. 2020
08 FACE RECOGNITION APLICCATIONS FACIAL RECOGNITION INPUT CONTROL SECURITY RESEARCH IN DATABASES GENERAL DETERMINATION OF DATA MONITORING 0 20 40 60 80 100 120 140 Shanghai Suzhou Harbin Xiamen Qingdao Kunming Hangzhou Beijing Changsha London Wuxi Taiyuan CAMERAS CITIES CCTV: The Most Surveilled Cities in the World Cities with the most surveillence cameras per 1,000 inhabitants in 2020 Based on an analysis of the 150 most populated cities in the world. Source: Comparitech
09 WHAT IS GDPR The General Regulation on Personal Data Protection, which entered into force on May 25, 2018, replaced the Data Protection Directive of 1995 and is the strongest law on privacy and security in the world. The increasing use of computers and the data that results from them has led to the need to establish new rules and laws for their management and protection. The GDPR refers to companies with independent headquarters as long as they target or collect data from people located in the European Union. The regulation protects privacy and security by imposing strong sanctions on those who violate them. Finally, the GDPR requires the full compliance of EU Member States. Personal data is included in the biometric data according to the GDPR and is classified as sensitive data, as any processing of these could pose risks to fundamental rights and freedoms.
10 PROCESSING OF PERSONAL DATA According to Article 9 of the GDPR there are cases where the processing of personal data is allowed. When explicit consent has been given to the processing of the data, unless prohibited by European Union or Member State law. When this data is used in the fields of employment, social security and social protection. When it is necessary to protect the vital interests of the subject but the data subject is physically or legally incapable of giving consent. When the processing is carried out in the framework of the legal activities of an organization and without them being disseminated outside it without the consent of the subject. When data is made public by the data subject. When they are used for recommendation, action or defense of legal claims. When necessary for reasons of public interest under the law of the Union. When necessary for the purposes of preventive or occupational medicine. When processing is permitted for reasons of public interest in the field of public health. Finally, when the processing is necessary for purposes of public interest, scientific, historical or statistical purposes.
11 RIGHTS The Right to be Forgotten According to Article 17 of the GDPR, those who have the data in a database are given the opportunity to request that the data be deleted without any delay and on the other hand the administrator is obliged to delete them. Conditions of Consent According to recital 32, for the processing of the data of the subject there must be full and clear consent that establishes a clear, up-to- date and free indication of the agreement. The Right of Access Article 15 of the GDPR clearly describes the ability of the data subject to access data related to him, the type of processing that takes place in them and in which cases it takes place. Obligation to Inform According to Recital 60, the data subject should be aware of the processing of his data and its purposes. On the other hand, the data manager should inform the subject about the processing and the context in which it takes place. Data Transfer Right In Recital 68, it is described that in order to further enhance the data the data subject must be able to transfer his data from one administrator to another. Data breach must be reported within 72 hours The GDPR also includes measures aimed at enhancing business security. For example, if a company discovers a data breach, then the processors must notify the authorities within 72 hours of their discovery.
According to the DPA, the data subject can access his data and be aware of the processing it undergoes. Their rights are as follows: Be informed about the use of the data. Ability to access them. Ability to update them. Ability to delete them. Right to restrict, pause or even oppose the processing of data. Ability to download and reuse data in other services. 12 The Data Protection Act 2018 UK The Data Protection Act is the implementation of the GDPR in the United Kingdom. Any public or private authority managing biometric data should apply the following: He must use them correctly, fairly and transparently. He must use them for specific purposes. Use should be limited to what is necessary. Data must be kept accurate and up to date. They should not be stored for a long time and not longer than they need to be. Maintaining and ensuring their protection.
13 FACE RECOGNITION IN THE USA In the United States of America, unlike the European Union, there is no single regulation for the protection and security of personal data and specifically for biometric data, but individual states have different laws and regulations for this data. To date, the states of Illinois, Texas and Washington have been the first to enact biometric data protection laws. In addition, companies and organizations have established guidelines based on which they develop and use new technologies and data. Microsoft in 2019, through its president Brad Smith, spoke about the responsible attitude that technology companies should have. Microsoft also refused to provide facial recognition technology and install it on police cars in California. This move by Microsoft was followed by Amazon and IBM. Finally, Facebook has agreed with the Federal Trade Commission that it must have explicit consent before proceeding with any privacy policy.
14 Source: https://www.banfacialrecognition.com BAN FACIAL RECOGNITION An interactive map showing where face recognition technology is being used, where it will be used in the future, and where an attempt is being made to control the technology.
15 Illinois (2008) The first law on the protection of the privacy of biometric information (Biometric information Privacy Act) was adopted. Texas (2009) Texas was the second state to enact biometric data protection law. Washington (2017) Legislation passed in Washington does not include biometric data from photos or videos. Massachusetts (2019) In June (2019), the city councils of Somerville and three other cities, Northampton, Cambridge and Brookline, voted unanimously to ban face recognition technology in both public services and police departments. California (2020) The California Consumer Privacy Act is the most important piece of legislation on biometric data protection. New York (2020) In March 2020, the bill came into force: Stop Hacks and improve Electronic Data Security Act (SHIELD Act). LEGISLATIONS AND BIOMETRIC DATA
16 Biometric information Privacy Act According to BIPA, biometric data is any data, regardless of how it is collected, stored, transferred, that is used to identify an individual. BIPA provides the following capabilities to consumers: • Deleting their data. • It is forbidden to collect, purchase or obtain biometric data in any way. • It is also forbidden to speculate on their customers' data. This data should not be distributed or disclosed. • Maintaining the security and integrity of data. California Consumer Privacy Act According to the CCPA, biometric data is part of a wide range of data that includes physiological, biological and behavioral data, which are used to identify an individual. In particular, the law stipulates that companies are obliged to inform their customers about the data they collect. On the other hand, customers have the opportunity to know if a company collects data and for what reason it does so, as well as if the company sells this data and to whom, but also the ability to demand non-sale of personal data and the right delete them. BIPA & CCPA
17 CHINA Law on Personal Data Protection In October (2020), the Chinese government introduced the Personal Information Protection Law. This law has many influences from the GDPR and is essentially the first comprehensive data protection law in China. According to the draft law, face recognition data are included in biometric data. Biometric data is considered sensitive data and any leak or misuse of it may damage the reputation, property, physical or mental health of the data subject. Before collecting any biometric data, the data subject should be informed of anything to do with the collection and use of such information and also obtain the express consent of the data subject. With regard to the storage of biometric data, the law stipulates that authentic biometric data should not be stored. Biometric data are prohibited from being transferred. Any disclosure of personal biometric data is prohibited. Data transfer and storage must be clearly stated and protection measures must be taken to ensure data integrity.
18 176 626 0 100 200 300 400 500 600 700 2017 2020 NUMBEROFSURVEILLANCECAMERASINMILLIONUNITS Number of surveillance cameras installed in public and private areas of China in 2017 with a projection for 2020 Source: https://www.statista.com/statistics/879198/china-number-of-installed-surveillance-cameras/ THE SURVEILLANCE SYSTEM OF CHINA IN NUMBERS In the name of public safety, the Chinese government has in recent years developed a huge network of cameras that support face recognition technology, collecting biometric data for the entire population.
19 APPLICATIONS OF SURVEILLANCE SYSTEM IN CHINA Face recognition systems in the transport network. To provide any service to mobile phone companies. In universities, for security reasons and to control student participation. For payment in popular applications. As early as 2017 and in physical stores of the well-known chain KFC, customers can now pay by scanning their face. For the identification of offenders in road rules. For the purchase of specific drugs. For security reasons at the entrance of hospitals. To locate criminals and fugitives. Check to avoid stealing toilet paper. The control of the Uighurs, a Muslim minority in the west of the country, using technology for racist social control.
20 THINGS TO IMPROVE In addition to the remarkable development of technology, several more steps need to be taken to refine the identification systems and to avoid erroneous predictions with consequences for the person and the security systems in order to avoid data leakage or theft. States also need to take several steps to enact stronger laws and regulations to ensure the integrity of this data and the protection of their inhabitants. Finally, the relationship of the state with the citizen and the way in which the state manages and processes the data must be clarified, so that the freedom and privacy of the citizens are not violated.

Recomendados

Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)
Ashish vishal
 
GDPR - Are you ready?
GDPR - Are you ready?GDPR - Are you ready?
GDPR - Are you ready?
VILT
 
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Andrea Omicini
 
01.05.2020 finalised joint representation on aarogya setu
01.05.2020 finalised joint representation on aarogya setu01.05.2020 finalised joint representation on aarogya setu
01.05.2020 finalised joint representation on aarogya setu
ZahidManiyar
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
Cédric Laurant
 
Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection Regulation
Olivier Vandeputte
 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)
Faidepro
 

Recomendados

Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)
Ashish vishal
 
GDPR - Are you ready?
GDPR - Are you ready?GDPR - Are you ready?
GDPR - Are you ready?
VILT
 
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Andrea Omicini
 
01.05.2020 finalised joint representation on aarogya setu
01.05.2020 finalised joint representation on aarogya setu01.05.2020 finalised joint representation on aarogya setu
01.05.2020 finalised joint representation on aarogya setu
ZahidManiyar
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
Cédric Laurant
 
Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection Regulation
Olivier Vandeputte
 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)
Faidepro
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analytics
brunomase
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill
Komal Gadia
 
Information governance a_necessity_in_to
Information governance a_necessity_in_toInformation governance a_necessity_in_to
Information governance a_necessity_in_to
Anne ndolo
 
Data Protection in India
Data Protection in IndiaData Protection in India
Data Protection in India
Home
 
E Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal ProtectionE Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal Protection
ijtsrd
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
BenjaminShalevSalovi
 
Uchi data local presentation 2020
Uchi data local presentation 2020Uchi data local presentation 2020
Uchi data local presentation 2020
Christo W. Meyer
 
Know your rights protection against facial recognition software.
Know your rights protection against facial recognition software.Know your rights protection against facial recognition software.
Know your rights protection against facial recognition software.
Diganth Raj Sehgal
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
Extentia Information Technology
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach Overview
HealthCare Too, LLC
 
Privacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law CenterPrivacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law Center
Jonathan Ezor
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections act
Khan Yousafzai
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill
Mathew Chacko
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
Ulf Mattsson
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database Protection
Singhania2015
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
Tushar Rajput
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPR
ImogenRutherford
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
N N
 
Star II sme hotline 21.01.20
Star II sme hotline 21.01.20Star II sme hotline 21.01.20
Star II sme hotline 21.01.20
Trilateral Research
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Werksmans Attorneys
 
Cie 2 cyber law
Cie 2 cyber lawCie 2 cyber law
Cie 2 cyber law
Mahua Narayan
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
adampcarr67227
 

Mais conteúdo relacionado

Mais procurados

E Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal ProtectionE Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal Protection
ijtsrd
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
Extentia Information Technology
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections act
Khan Yousafzai
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
N N
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Werksmans Attorneys
 

Mais procurados (20)

GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analytics
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill
 
Information governance a_necessity_in_to
Information governance a_necessity_in_toInformation governance a_necessity_in_to
Information governance a_necessity_in_to
 
Data Protection in India
Data Protection in IndiaData Protection in India
Data Protection in India
 
E Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal ProtectionE Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal Protection
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Uchi data local presentation 2020
Uchi data local presentation 2020Uchi data local presentation 2020
Uchi data local presentation 2020
 
Know your rights protection against facial recognition software.
Know your rights protection against facial recognition software.Know your rights protection against facial recognition software.
Know your rights protection against facial recognition software.
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach Overview
 
Privacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law CenterPrivacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law Center
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections act
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database Protection
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPR
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
 
Star II sme hotline 21.01.20
Star II sme hotline 21.01.20Star II sme hotline 21.01.20
Star II sme hotline 21.01.20
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 

Semelhante a Biometric Personal Data, Legal and Technological Utilization Issues

httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
adampcarr67227
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
aulasnilda
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
RAJU852744
 
Ronit Mathur Cyber Security assesment.pptx
Ronit Mathur Cyber Security assesment.pptxRonit Mathur Cyber Security assesment.pptx
Ronit Mathur Cyber Security assesment.pptx
ManuGupta344215
 
Data Privacy and consent management .. .
Data Privacy and consent management .. .Data Privacy and consent management .. .
Data Privacy and consent management .. .
ClinosolIndia
 
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)
ProductNation/iSPIRT
 

Semelhante a Biometric Personal Data, Legal and Technological Utilization Issues (20)

Cie 2 cyber law
Cie 2 cyber lawCie 2 cyber law
Cie 2 cyber law
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
 
DATA SAFEGUARD INC.- WHITE PAPER
DATA SAFEGUARD INC.- WHITE PAPERDATA SAFEGUARD INC.- WHITE PAPER
DATA SAFEGUARD INC.- WHITE PAPER
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
 
Data privacy Legislation in India
Data privacy Legislation in IndiaData privacy Legislation in India
Data privacy Legislation in India
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
 
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy RegulationThe U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
The U.S. Healthcare Implications of Europe’s Stricter Data Privacy Regulation
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in Mexico
 
[REPORT PREVIEW] GDPR Beyond May 25, 2018
[REPORT PREVIEW] GDPR Beyond May 25, 2018[REPORT PREVIEW] GDPR Beyond May 25, 2018
[REPORT PREVIEW] GDPR Beyond May 25, 2018
 
Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislation
 
Data protection
Data protectionData protection
Data protection
 
GDPR: how IT works
GDPR: how IT worksGDPR: how IT works
GDPR: how IT works
 
Ronit Mathur Cyber Security assesment.pptx
Ronit Mathur Cyber Security assesment.pptxRonit Mathur Cyber Security assesment.pptx
Ronit Mathur Cyber Security assesment.pptx
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
 
Data Privacy and consent management .. .
Data Privacy and consent management .. .Data Privacy and consent management .. .
Data Privacy and consent management .. .
 
Data privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptxData privacy and consent management (K.sailaja).pptx
Data privacy and consent management (K.sailaja).pptx
 
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)
iSPIRT's Response on Digital Information Security in Healthcare Act (DISHA)
 
User Privacy or Cyber Sovereignty Freedom House Special Report 2020
User Privacy or Cyber Sovereignty Freedom House Special Report 2020User Privacy or Cyber Sovereignty Freedom House Special Report 2020
User Privacy or Cyber Sovereignty Freedom House Special Report 2020
 

Último

Computer science Sql cheat sheet.pdf.pdf
Computer science Sql cheat sheet.pdf.pdfComputer science Sql cheat sheet.pdf.pdf
Computer science Sql cheat sheet.pdf.pdf
SayantanBiswas37
 
Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...
gajnagarg
 
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
Klinik kandungan
 
Abortion pills in Jeddah | +966572737505 | Get Cytotec
Abortion pills in Jeddah | +966572737505 | Get CytotecAbortion pills in Jeddah | +966572737505 | Get Cytotec
Abortion pills in Jeddah | +966572737505 | Get Cytotec
Abortion pills in Riyadh +966572737505 get cytotec
 
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
HyderabadDolls
 
Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...
Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...
Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...
gajnagarg
 
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
nirzagarg
 
Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...
Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...
Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...
kumargunjan9515
 
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
nirzagarg
 
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKDATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
Timothy Spann
 
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
HyderabadDolls
 
Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...
Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...
Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...
kumargunjan9515
 
Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...
nirzagarg
 
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book nowVadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
gargpaaro
 
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Bertram Ludäscher
 

Último (20)

Computer science Sql cheat sheet.pdf.pdf
Computer science Sql cheat sheet.pdf.pdfComputer science Sql cheat sheet.pdf.pdf
Computer science Sql cheat sheet.pdf.pdf
 
Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Latur [ 7014168258 ] Call Me For Genuine Models We ...
 
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Surabaya ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
 
Abortion pills in Jeddah | +966572737505 | Get Cytotec
Abortion pills in Jeddah | +966572737505 | Get CytotecAbortion pills in Jeddah | +966572737505 | Get Cytotec
Abortion pills in Jeddah | +966572737505 | Get Cytotec
 
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
Jodhpur Park | Call Girls in Kolkata Phone No 8005736733 Elite Escort Service...
 
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
SAC 25 Final National, Regional & Local Angel Group Investing Insights 2024 0...
 
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With OrangePredicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
Predicting HDB Resale Prices - Conducting Linear Regression Analysis With Orange
 
Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...
Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...
Top profile Call Girls In dimapur [ 7014168258 ] Call Me For Genuine Models W...
 
Statistics notes ,it includes mean to index numbers
Statistics notes ,it includes mean to index numbersStatistics notes ,it includes mean to index numbers
Statistics notes ,it includes mean to index numbers
 
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
Top profile Call Girls In Bihar Sharif [ 7014168258 ] Call Me For Genuine Mod...
 
Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...
Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...
Fun all Day Call Girls in Jaipur 9332606886 High Profile Call Girls You Ca...
 
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Satna [ 7014168258 ] Call Me For Genuine Models We ...
 
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKDATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
 
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
Nirala Nagar / Cheap Call Girls In Lucknow Phone No 9548273370 Elite Escort S...
 
Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...
Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...
Top Call Girls in Balaghat 9332606886Call Girls Advance Cash On Delivery Ser...
 
Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hapur [ 7014168258 ] Call Me For Genuine Models We ...
 
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book nowVadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
Vadodara 💋 Call Girl 7737669865 Call Girls in Vadodara Escort service book now
 
20240412-SmartCityIndex-2024-Full-Report.pdf
20240412-SmartCityIndex-2024-Full-Report.pdf20240412-SmartCityIndex-2024-Full-Report.pdf
20240412-SmartCityIndex-2024-Full-Report.pdf
 
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
Reconciling Conflicting Data Curation Actions: Transparency Through Argument...
 

Biometric Personal Data, Legal and Technological Utilization Issues

  • 1. BIOMETRIC PERSONAL DATA LEGAL AND TECHNOLOGICAL UTILIZATION ISSUES GIANNIS BASA | LinkedIn | johbasa@gmail.com
  • 2. TABLE OF CONTENTS 02 BIOMETRY FACE RECOGNITION ADVANTAGES OF BIOMETRIC DATA ETHICAL AND LEGAL ISSUES TECHNOLOGICAL WEAKNESSES APPLICATIONS EUROPE AND BIOMETRIC DATA US AND BIOMETRIC DATA CHINA AND BIOMETRIC DATA POINTS FOR CONSIDERATION
  • 3. 03 BIOMETRY The word ‘biometrics’ comes from the Greek words ‘βίος’ (meaning life) and ‘μετρον’ (meaning measure). Biometrics refers to the identification or verification of a person, based on some physiological and / or behavioral characteristics.
  • 4. 04 FACE RECOGNITION Face recognition is a method that is used daily and is essential for effective communication and interaction between people. Face recognition covers a wide range of scientific fields and presents a variety of applications such as, entry controls, surveillance, security, surveillance systems and a number of many other applications.
  • 5. 05 ADVANTAGES OF BIOMETRIC DATA Methods that use biometric identification are particularly effective because they use biometric data that is unique to each person. Biometric data are permanent and non-modifiable. Unlike traditional methods of identification such as licence or identity, biometric data is not transferred to another person nor is stolen. Finally, using biometric data in identification systems achieves a higher speed of verification compared to conventional identification methods.
  • 6. 06 ETHICAL AND LEGAL ISSUES There is no Consent to Receive the Data Biases There is an Automated Surveillance Operates without a Clear Legal Framework It violates the Principles of Necessity Violation of the Right to Privacy It affects Political Culture Data Theft
  • 7. 07 TECHNOLOGICAL WEAKNESSES 2003 The first report on the accuracy of facial recognition algorithms from the National Institute of Standards and Technology (NIST). Researchers from Microsoft and MIT have investigated the accuracy of the distinctions made by facial recognition algorithms. 2018 2019 Another study on the reliability of facial recognition algorithms from the National Institute of Standards and Technology (NIST). Access and leak biometric data from India's largest national database, Aadhaar. 20182014 Marriott data breach. British Airways data breach. 2020
  • 8. 08 FACE RECOGNITION APLICCATIONS FACIAL RECOGNITION INPUT CONTROL SECURITY RESEARCH IN DATABASES GENERAL DETERMINATION OF DATA MONITORING 0 20 40 60 80 100 120 140 Shanghai Suzhou Harbin Xiamen Qingdao Kunming Hangzhou Beijing Changsha London Wuxi Taiyuan CAMERAS CITIES CCTV: The Most Surveilled Cities in the World Cities with the most surveillence cameras per 1,000 inhabitants in 2020 Based on an analysis of the 150 most populated cities in the world. Source: Comparitech
  • 9. 09 WHAT IS GDPR The General Regulation on Personal Data Protection, which entered into force on May 25, 2018, replaced the Data Protection Directive of 1995 and is the strongest law on privacy and security in the world. The increasing use of computers and the data that results from them has led to the need to establish new rules and laws for their management and protection. The GDPR refers to companies with independent headquarters as long as they target or collect data from people located in the European Union. The regulation protects privacy and security by imposing strong sanctions on those who violate them. Finally, the GDPR requires the full compliance of EU Member States. Personal data is included in the biometric data according to the GDPR and is classified as sensitive data, as any processing of these could pose risks to fundamental rights and freedoms.
  • 10. 10 PROCESSING OF PERSONAL DATA According to Article 9 of the GDPR there are cases where the processing of personal data is allowed. When explicit consent has been given to the processing of the data, unless prohibited by European Union or Member State law. When this data is used in the fields of employment, social security and social protection. When it is necessary to protect the vital interests of the subject but the data subject is physically or legally incapable of giving consent. When the processing is carried out in the framework of the legal activities of an organization and without them being disseminated outside it without the consent of the subject. When data is made public by the data subject. When they are used for recommendation, action or defense of legal claims. When necessary for reasons of public interest under the law of the Union. When necessary for the purposes of preventive or occupational medicine. When processing is permitted for reasons of public interest in the field of public health. Finally, when the processing is necessary for purposes of public interest, scientific, historical or statistical purposes.
  • 11. 11 RIGHTS The Right to be Forgotten According to Article 17 of the GDPR, those who have the data in a database are given the opportunity to request that the data be deleted without any delay and on the other hand the administrator is obliged to delete them. Conditions of Consent According to recital 32, for the processing of the data of the subject there must be full and clear consent that establishes a clear, up-to- date and free indication of the agreement. The Right of Access Article 15 of the GDPR clearly describes the ability of the data subject to access data related to him, the type of processing that takes place in them and in which cases it takes place. Obligation to Inform According to Recital 60, the data subject should be aware of the processing of his data and its purposes. On the other hand, the data manager should inform the subject about the processing and the context in which it takes place. Data Transfer Right In Recital 68, it is described that in order to further enhance the data the data subject must be able to transfer his data from one administrator to another. Data breach must be reported within 72 hours The GDPR also includes measures aimed at enhancing business security. For example, if a company discovers a data breach, then the processors must notify the authorities within 72 hours of their discovery.
  • 12. According to the DPA, the data subject can access his data and be aware of the processing it undergoes. Their rights are as follows: Be informed about the use of the data. Ability to access them. Ability to update them. Ability to delete them. Right to restrict, pause or even oppose the processing of data. Ability to download and reuse data in other services. 12 The Data Protection Act 2018 UK The Data Protection Act is the implementation of the GDPR in the United Kingdom. Any public or private authority managing biometric data should apply the following: He must use them correctly, fairly and transparently. He must use them for specific purposes. Use should be limited to what is necessary. Data must be kept accurate and up to date. They should not be stored for a long time and not longer than they need to be. Maintaining and ensuring their protection.
  • 13. 13 FACE RECOGNITION IN THE USA In the United States of America, unlike the European Union, there is no single regulation for the protection and security of personal data and specifically for biometric data, but individual states have different laws and regulations for this data. To date, the states of Illinois, Texas and Washington have been the first to enact biometric data protection laws. In addition, companies and organizations have established guidelines based on which they develop and use new technologies and data. Microsoft in 2019, through its president Brad Smith, spoke about the responsible attitude that technology companies should have. Microsoft also refused to provide facial recognition technology and install it on police cars in California. This move by Microsoft was followed by Amazon and IBM. Finally, Facebook has agreed with the Federal Trade Commission that it must have explicit consent before proceeding with any privacy policy.
  • 14. 14 Source: https://www.banfacialrecognition.com BAN FACIAL RECOGNITION An interactive map showing where face recognition technology is being used, where it will be used in the future, and where an attempt is being made to control the technology.
  • 15. 15 Illinois (2008) The first law on the protection of the privacy of biometric information (Biometric information Privacy Act) was adopted. Texas (2009) Texas was the second state to enact biometric data protection law. Washington (2017) Legislation passed in Washington does not include biometric data from photos or videos. Massachusetts (2019) In June (2019), the city councils of Somerville and three other cities, Northampton, Cambridge and Brookline, voted unanimously to ban face recognition technology in both public services and police departments. California (2020) The California Consumer Privacy Act is the most important piece of legislation on biometric data protection. New York (2020) In March 2020, the bill came into force: Stop Hacks and improve Electronic Data Security Act (SHIELD Act). LEGISLATIONS AND BIOMETRIC DATA
  • 16. 16 Biometric information Privacy Act According to BIPA, biometric data is any data, regardless of how it is collected, stored, transferred, that is used to identify an individual. BIPA provides the following capabilities to consumers: • Deleting their data. • It is forbidden to collect, purchase or obtain biometric data in any way. • It is also forbidden to speculate on their customers' data. This data should not be distributed or disclosed. • Maintaining the security and integrity of data. California Consumer Privacy Act According to the CCPA, biometric data is part of a wide range of data that includes physiological, biological and behavioral data, which are used to identify an individual. In particular, the law stipulates that companies are obliged to inform their customers about the data they collect. On the other hand, customers have the opportunity to know if a company collects data and for what reason it does so, as well as if the company sells this data and to whom, but also the ability to demand non-sale of personal data and the right delete them. BIPA & CCPA
  • 17. 17 CHINA Law on Personal Data Protection In October (2020), the Chinese government introduced the Personal Information Protection Law. This law has many influences from the GDPR and is essentially the first comprehensive data protection law in China. According to the draft law, face recognition data are included in biometric data. Biometric data is considered sensitive data and any leak or misuse of it may damage the reputation, property, physical or mental health of the data subject. Before collecting any biometric data, the data subject should be informed of anything to do with the collection and use of such information and also obtain the express consent of the data subject. With regard to the storage of biometric data, the law stipulates that authentic biometric data should not be stored. Biometric data are prohibited from being transferred. Any disclosure of personal biometric data is prohibited. Data transfer and storage must be clearly stated and protection measures must be taken to ensure data integrity.
  • 18. 18 176 626 0 100 200 300 400 500 600 700 2017 2020 NUMBEROFSURVEILLANCECAMERASINMILLIONUNITS Number of surveillance cameras installed in public and private areas of China in 2017 with a projection for 2020 Source: https://www.statista.com/statistics/879198/china-number-of-installed-surveillance-cameras/ THE SURVEILLANCE SYSTEM OF CHINA IN NUMBERS In the name of public safety, the Chinese government has in recent years developed a huge network of cameras that support face recognition technology, collecting biometric data for the entire population.
  • 19. 19 APPLICATIONS OF SURVEILLANCE SYSTEM IN CHINA Face recognition systems in the transport network. To provide any service to mobile phone companies. In universities, for security reasons and to control student participation. For payment in popular applications. As early as 2017 and in physical stores of the well-known chain KFC, customers can now pay by scanning their face. For the identification of offenders in road rules. For the purchase of specific drugs. For security reasons at the entrance of hospitals. To locate criminals and fugitives. Check to avoid stealing toilet paper. The control of the Uighurs, a Muslim minority in the west of the country, using technology for racist social control.
  • 20. 20 THINGS TO IMPROVE In addition to the remarkable development of technology, several more steps need to be taken to refine the identification systems and to avoid erroneous predictions with consequences for the person and the security systems in order to avoid data leakage or theft. States also need to take several steps to enact stronger laws and regulations to ensure the integrity of this data and the protection of their inhabitants. Finally, the relationship of the state with the citizen and the way in which the state manages and processes the data must be clarified, so that the freedom and privacy of the citizens are not violated.