Do Biometrics Violate Your Privacy?
Key Points
- Biometrics such as fingerprints, faces, voices, and DNA are not secret because we constantly leave them behind in everyday activities, making them widely exposed.
- The core privacy issue is not the biometric data itself but whether individuals give informed consent and how organizations store, use, and protect that data.
- Biometric systems work by first enrolling a user’s unique trait (e.g., capturing a fingerprint) and later matching it against stored templates, offering convenience but also creating a permanent identifier that cannot be easily changed like a password.
- If biometric data is compromised or spoofed, it can lead to lasting security and privacy risks since the trait cannot be “reset,” highlighting the need for robust protection and awareness of potential misuse.
Sections
- [00:00:00](https://www.youtube.com/watch?v=fetX12f3Z-I&t=0s) Untitled Section
- [00:05:50](https://www.youtube.com/watch?v=fetX12f3Z-I&t=350s) Biometrics: From Authentication to Surveillance - The speaker explains how biometric technology can verify identity but also warns that its use for identification—especially in tracking or mass surveillance—raises significant privacy concerns.
- [00:10:12](https://www.youtube.com/watch?v=fetX12f3Z-I&t=612s) Biometric Privacy: Consent and Risks - The speaker explains how consent, storage location, and function creep determine whether biometric data use is a legitimate authentication method or a privacy violation.
- [00:13:58](https://www.youtube.com/watch?v=fetX12f3Z-I&t=838s) Ensuring Ethical Use of Information - The speaker stresses focusing on the intended application of data and preventing its abuse, implying that if misuse occurs, the anticipated benefit (the “hat”) becomes unnecessary.
Source: https://www.youtube.com/watch?v=fetX12f3Z-I
Duration: 00:14:12
Full Transcript
Your fingerprint, your face, your voice, your DNA. These are all physical characteristics
that are unique traits that make you you. But here's the big question. Can the use of these
biometrics actually violate your privacy? Multiple choice. Yes, definitely. No way.
Or maybe. Well, the answer is probably more nuanced than you think. A better understanding of the
technology will help answer the question, and maybe then, I won't actually need this tinfoil hat
after all. For instance, on one hand, they make life easier. I'm always forgetting my passwords, but I
never forget to bring my face with me everywhere I go. On the other hand, once your fingerprint or
face is stored in a system, it may be there forever. Unlike a password, you can't just reset
your face. At least not without some serious plastic surgery. So, in this video, we'll break down:
Are your biometrics really secret? How do biometric systems work? How can they be
used to improve security or misused to violate privacy? Can they be faked? And what
happens if they're compromised? Let's go beyond the FUD, the fear, uncertainty and
doubt, and the conspiracy theories and talk about how all this stuff really works. Okay,
let's start with the definition. A biometric is a measurable, physical or behavioral
characteristic, like a fingerprint, an iris, face, voice, something along those lines that can be
used to uniquely identify or authenticate a person. Okay, but are they really a secret?
Can you keep them from being collected? Would it even matter if you tried? We object to someone
trying to fingerprint us, yet we leave our fingerprints on everything we touch. Same with DNA.
We shed it literally everywhere we go. In fact, both my fingerprints and my DNA are on this cup.
And in a few short minutes, it's going to end up in an unprotected trash bin somewhere. We even go
out in public with our faces on the front of our heads for all to see. Yeah, I know it's a shocking
idea, right? In other words, this is not a secret. And every time we speak, someone could be
recording us. I'm not saying all this to make you paranoid. In fact, just the opposite. The point is,
we essentially broadcast this kind of information about ourselves all the time. And don't give it a
second thought. And yet life goes on. So the issue isn't so much the biometric itself. It really
comes down to consent and use. Okay. We've talked about
now whether your biometrics are actually a secret or not. And again, they're not because we expose
them all the time everywhere we go. But now let's talk about how they work. How does the technology
actually work? Because there's a lot of myths and misconceptions about this aspect. So here's how it
starts. We start with we're going to look at two different use cases here. One is the registration
use case where we're going to register your biometric into a particular system. Let's again go
with a fingerprint example. So we're going to capture your fingerprint on a device that knows
how to read that. And what it's going to do is take that image. But that image is not what gets
stored. So follow along here. We're going to extract that information. And the way we're going
to do is map it onto the biometric. The fingerprint comes down here, and I'm going to map
this looking for particular physical characteristics that are unique. That might be
something that makes this something we'll recognize again. If it's a fingerprint we might
be looking for what we call biometric minutiae. Things like ridge endings, things like
bifurcations where a ridge starts to go in two different directions and things like that. And
we're going to take all of that, and we're going to note what is the x and y coordinate of where
that particular feature is in the overall picture. And also note the angle on the
ridge. So we're going to take those things then and record a numerical representation. This is the
thing we call a biometric template. The biometric template then has the x y coordinates along with
the angle and the physical characteristic that we just noticed. And we're going to have a whole
bunch of those. And then that is what gets stored in our database. Again not your actual fingerprint
or your face or your DNA. It will be something along these lines, but a numerical representation
of the things that stand out about it. So that's how we do the registration flow. Now how
about the way we use it? So let's go with the use flow. Now I come up to a system. I'm going to put
my fingerprint on it. In this example, we're going to take that image of the fingerprint. We're going
to go through the very same process here again. We're going to map out the X Y, look for the
unique characteristics. We're going to map that into a biometric template. And then, we're going to
take that template and see if it matches what we have stored for this particular user. So
we're matching and seeing that these numbers match these numbers. And as I mentioned before, there has
to be some room for error. Because if we're looking for absolute precise matches, well then it
could be that you were working in the garden one weekend and your ridges of your fingers are a
little bit worn down. If it's a voice biometric, maybe you've got a cold so it doesn't sound
exactly like you, different things like that. So we have to introduce a little bit of error and
acceptable error and decide how much that is. Well, that all comes down to how much risk you're
willing to accept for this particular application, but that's how we basically make the system work.
So that's how biometrics, the technology, actually works. Now let's look at how it can be used or
potentially misused. So we'll take a look at different use cases that might be involved here.
One is it could be used for identification. In other words, in security terms, we
use this terminology identification and authentication. So it's the first part. It's the I
part of the identification and authentication. So I'm picking you and your, and I'm trying to
identify who you are based upon a biometric. Well, that's something that it depends on how it's
being used. If it's part of an authentication case where I'm going to a system and I'm trying to
prove who I am, and the system recognizes me first, and then I prove who I am. Probably not a problem
for us, because I'm already going and trying to get into this particular thing to begin with.
However, if that identification is being used in a different way, maybe to do tracking,
maybe it's for mass surveillance or something like that, I think most of us would agree we're
really not down for that. That's not something, profiling tracking, that we really appreciate. But
before you get too worked up about that, remember most of you are carrying a tracking device with
you anyway, and you're paying for the privilege. So your cell phone provider can tell where you are
all the time. They have to be able to know that or they don't know where to route your calls.
We're always being tracked one degree or another. Doesn't mean we just give up on the whole thing,
but that's it. Just trying to put some context around that. We're already having some of that
happen. Now let's look over here on the other side. So I mentioned identification and authentication.
So let's take a look at the authentication aspects and how biometrics could be used here. So
authentication, I'll talk about some failure cases that can happen first. One is, and I've mentioned
this before, is the false positive. So false positives are where the system
believes it's you when it's not you. So I am you, in other words, in the system. How could that
happen? Well, one way is using AI-generated deepfakes. A deepfake is an
impersonation, a video, your voice, something like that. That sounds and looks and acts like you, but
it might fake out a system. Now, in general, biometric readers, especially like on a phone, are
not going to take a video of you or a flat picture of you and accept that. So they will
do a lot of other kinds of things, like sending infrared dots at you and looking to make sure
that the image they're looking at is three dimensional, not two dimensional, maybe even
looking for a heat signature. All kinds of things like that to make sure that it's not a deepfake. A
lot harder to do that with voice. In fact, I'd recommend you not use voice as an authenticator.
Use it as an identifier. Fine, not as an authenticator, because it's not reliable. Another
thing you have to consider here are fake biometrics, where someone maybe does a situation
where I lift your fingerprints off of a device that you've touched, something that you've touched,
and then I make a mold and put a gummy version of that, almost like a gummy bear that fits over
my thumb, that has your fingerprints on the outside, because I've pressed it into that mold
that I created. And then now, I can go to a biometric reader and get in. Now that's not as
likely to happen anymore. These days, the biometric readers are much better at looking and feeling
for that capacitive kind of indication. But there are other examples where these things can be
faked. Another thing to look at here are false negatives. So the false negatives are the cases
where it's really you, but the system thinks it's not you. And that would be a situation that we're
not going to be happy with it. We're getting rejected out of the system. So that's just kind of
a failure case. But ultimately, where these things can be very useful and not violate
privacy is this use case, multi-factor authentication, where they're leaning in as an
authenticator, and that in that case, I've gone to the system and said, I want to get into the system,
it's me. Now I'm trying to prove that it's me. So what do we have to consider with all of these?
You can see it could be used. It could be misused. It all depends on that. Well, what are the factors
that go into that? Well, as I mentioned earlier, consent is a big part of this. Did I give consent
for my biometrics to be used? If I did, well, then it's not really violating my privacy. But if
I didn't, maybe I feel very differently about that. How about this? Where is it being stored, the
biometric information? Now remember, typically a biometric system doesn't store the actual image
of your face, for example. It stores a numerical representation of that. That's something to
consider. Or your fingerprint. Where is that being stored? Well, one case on your cell phone, maybe
it's got a fingerprint reader, and the fingerprint reader is storing your fingerprint on the device
itself. Not really a privacy issue then. However, if it's being stored up in a
database, in the cloud, in the sky somewhere, then we don't really know who also might have access
to this. So that could be a concern for us. And then, there's also the issue of, well, everybody
meant well at the beginning, but now we have function creep. The system starts being used to do
things that we didn't intend for it to be used for. And now, that's where the thing kind of gets
out of control. So you can think of this stuff along a spectrum, where on one end, we've got a
very valid use case of authentication. And like I said, that's something that we consented
to. We have something else that we probably didn't consent to, some sort of profiling and that we
would probably object to. Or it could be mass surveillance, and that almost surely most people
will disagree with. All right. Now, we've just talked about how biometrics can be used and
misused and how they could be deepfaked or otherwise to cause confusion with the
system. So the last question is: what if my biometric gets lost or compromised? Does that mean
I have to get a new face? Well, let's certainly hope not. And in fact, you don't. There is research
that continues to go on in the notion in the area of cancellable biometric information, where we
take those numerical representations and use a salt, which is a cryptographic technique, so that
that way it's a unique representation that's unique to that particular system. So that if that
system gets compromised, it doesn't compromise those same minutiae on all the other systems that
are out there. So keep watching that space. Another thing we can do to protect, though, is never rely
on a biometric as a single factor of authentication. It should be part of multi-factor
authentication. So that way, even if my fingerprint does get compromised, well, I have more fingers. But
even if that were the case, I'm still relying on more than just that alone. I'm relying on a
password, something I know or something I have, like a particular device. So with multi-factor
authentication, we're reducing that risk surface by spreading out the different security
mechanisms we're using. So I'm going to go back to our original question. Remember the multiple
choice at the beginning. Do biometrics violate privacy? And I'm going to say the best answer
is D: All of the above. In fact, in many cases, it actually
protects our privacy by providing better security for our private information using strong
authentication. But if used improperly, we end up with Big Brother from 1984. The bottom line is
this: we leave biometric info everywhere we go, so trying to hide it is fighting a losing game.
Better to focus, I think, on this, how the information is going to be used and make sure it
isn't abused. And if you do, well then maybe we don't need the hat after
all.
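
The registration and matching flow and the per-system salted template described in the talk, as an added Python example that is not from the video. The minutiae values, tolerances, the 0.75 threshold and the salts are constructed, and `salted` is a simplified rotate-and-shift stand-in for a cancellable transform (research schemes use transforms that are hard to invert).

```python
import hashlib
import math

# Constructed sample minutiae: (x, y, ridge angle in degrees, kind).
ENROLLED = [(30, 42, 90, "ending"), (55, 18, 45, "bifurcation"),
            (71, 60, 130, "ending"), (12, 77, 10, "bifurcation")]
SAME_FINGER = [(32, 41, 95, "ending"), (54, 20, 40, "bifurcation"),
               (70, 62, 128, "ending"), (13, 75, 358, "bifurcation")]
OTHER_FINGER = [(20, 20, 200, "ending"), (60, 50, 300, "bifurcation"),
                (40, 80, 270, "ending"), (75, 15, 170, "ending")]

def score(enrolled, probe, dist_tol=6.0, angle_tol=15.0):
    """Fraction of minutiae that pair up within position and angle tolerance."""
    free, hits = list(enrolled), 0
    for x, y, a, kind in probe:
        for m in free:
            da = abs(a - m[2]) % 360
            if (kind == m[3] and math.hypot(x - m[0], y - m[1]) <= dist_tol
                    and min(da, 360 - da) <= angle_tol):
                free.remove(m)      # each enrolled minutia pairs at most once
                hits += 1
                break
    return hits / max(len(enrolled), len(probe))

def verify(enrolled, probe, threshold=0.75):
    """Accept when enough minutiae agree; the threshold is the risk decision."""
    return score(enrolled, probe) >= threshold

def salted(template, salt):
    """Toy per-system transform: rotate and shift by salt-derived amounts."""
    d = hashlib.sha256(salt).digest()
    rot, dx, dy = d[0] * 360 / 256, d[1] - 128, d[2] - 128
    c, s = math.cos(math.radians(rot)), math.sin(math.radians(rot))
    return [(x * c - y * s + dx, x * s + y * c + dy, (a + rot) % 360, kind)
            for x, y, a, kind in template]

if __name__ == "__main__":
    worn = SAME_FINGER[:3]          # one minutia lost, e.g. a worn ridge
    print(verify(ENROLLED, SAME_FINGER), verify(ENROLLED, OTHER_FINGER))
    print(verify(ENROLLED, worn), verify(ENROLLED, worn, threshold=0.9))
    a, b = b"abc", b"hello"         # constructed stand-ins for per-system salts
    print(verify(salted(ENROLLED, a), salted(SAME_FINGER, a)))
    print(verify(salted(ENROLLED, a), salted(SAME_FINGER, b)))
```

Raising the threshold to 0.9 rejects the worn-finger probe (a false negative), while a template salted for one system fails to match the same finger salted for another.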