Expert warns facial biometrics could compromise privacy

As facial biometric technology becomes increasingly ubiquitous, IT experts warn that these systems can easily be abused and therefore require stringent privacy policies and data encryption.

In an interview with Information Security Media Group, Beth Givens, the founder and director of the Privacy Rights Clearinghouse, cautioned that organizations using biometric facial solutions should encrypt their data.

“If they back up those applications with good, solid privacy policies and practices, they’ll be in good shape,” she said.

Givens explained that a major problem with facial recognition technology is the chance that sensitive information could be compromised. As evidence, Givens pointed to a Carnegie Mellon University study where researchers used only a photo of a person’s face and publicly available information to track down that individual’s birth date, personal interests, and Social Security number.

“To me, that’s astounding,” Givens said. “There are many places where you can get a person’s birth date; in fact, that’s public information. But being able to link it to a Social Security number as well as personal interest is another matter entirely, that takes it to an all new level.”

To help protect against the loss of sensitive data, Givens encouraged organizations to investigate biometric encryption.