What is biometric data?

5 min read

Georgia Iacovou

09 Oct 2019

It’s the most personal data you have — and it’s being used by private companies.

Biometric data is produced from pretty much anything to do with your body: your face, your iris, your fingerprint. And then even stuff like the way you stand, the way you move, your voice, and crucially: your DNA.

Arguably it’s the most ‘yours’ out of every other kind of data out there. No one else but you has your likeness. In some ways, it’s strange to know that it’s the kind of thing that gets turned into data; essentially biometrics are physical traits that are turned into pieces of personally identifying information.

person with random string of characters in front of their face Your face is one of your most unique identifiers

Where is biometric data used in every day life?

First and foremost, biometrics are used to identify people. For instance, you can unlock your phone because it recognises your face or fingerprint. Other practical uses:

✈️ Airport security gates armed with facial recognition software to verify you and your passport, without a slow human doing the job instead — it’s more accurate reduces wait time.

🏫 Access to some schools in the UK are controlled by biometrics — this makes it so that the only people getting in are students, parents and teachers. These systems are also put in place to stop the stigmatisation of children who are entitled to free school meals.

💉 In healthcare, so that institutions don’t misidentify blood donors or, in countries that use insurance systems, to reduce denied claims.

🚘 In your car, because it definitely safer to use your voice to control the radio while you drive, instead of fiddling with the controls by hand and potentially getting distracted.

So these applications are mostly about safety and security: keeping data secure, keeping buildings secure, restricting access to things to the correct people. But as we’ve seen recently from Amazon’s Ring doorbells, increased security can have a negative effect on privacy.

☝️Biometrics are also used in ways that do not immediately serve you…

Ring is a perfect example of this: Ring, owned by Amazon, make smart doorbells that employ the use of facial recognition. If you have a Ring doorbell, anyone who comes to your door can be seen by you on camera (via your phone). The facial recognition software helps the doorbell learn the faces of who you identify as friends or strangers. Or even ‘suspicious persons’.

The issue with this is that Amazon is using this information to build up a database of faces and engage in law enforcement. Anyone recognised as a ‘stranger’ could be profiled on the database. Amazon’s software is known to be fairly inconsistent — it’s misidentified people before, which goes against very point of biometrics.

Privacy issues surrounding biometrics concern to things: consent for when biometric data is collected, and what it’s used for. And the accuracy of the software processing the data.

If a company scans your face, in then has your likeness on record — you could argue that this is something that should never really become data. Because it's your face.

These are the exact two areas where Ring doorbells fall short — owners of these doorbells very likely have no intention to scan a delivery person’s face without them knowing, and misidentify them as ‘suspicious’.

Earlier this year, the Illinois supreme court in the USA made a significant ruling on the collection of biometric data without consent; the ruling said that even if the subject suffered no damages, the act of collecting the data is still unlawful.

So there is a belief that simply collecting it, especially for reasons that span beyond the obvious (like getting into buildings) is an infringement of privacy. If a company scans your face, in then has your likeness on record — you could argue that this is something that should never really become data. Because it’s your face 🤔.

a blank billboard with fake tracking lines on it If this billboard was tracking my eyes it would find that I mostly looked at the grey square and the black square…

Okay, but what am I talking about? How can a company just get hold of biometric data without you realising? Just in the same way you can get caught on surveillance cameras without realising. There are facial recognition cameras dotted around shopping centres, museums, and even billboards now.

But why do companies need to passively collect your biometric data? Well, ‘need’ is a strong word. But if advertisers can see exactly how your eyes move across a billboard, and how long it holds your attention, they can then make even more effective advertising. So yes, biometrics can be turned into money 💸

To wrap up…

So while biometric data has a lot of practical uses, it’s becoming increasingly clear that getting consent to collect it is important. Although Hong Kong’s Face of Litter campaign was well-received by the masses, the agency who ran the campaign did not actually get permission for the DNA it collected to create an artificial composite face of people who don’t put their gum in the bin.

The campaign was effective, but we should remember that biometric data is just one kind of data that can be used to track and change your behaviour. And it’s the most telling kind — it literally measures how you move and express yourself. The recent Illinois supreme court ruling very aptly points out that the potential harm in collecting biometric data greatly outweighs the cost of regulating it.

the author

Georgia Iacovou

Content Writer, Metomic