Due to technical advancements, biometric information can easily be collected and used, possibly compromising the security of the data and allowing the reconstruction of the biometric features of individuals. In that context, Biometric Template Protection (BTP) techniques promise to ensure both the security and privacy of biometric templates. The purpose of this chapter is to address biometric template protection from a regulatory and data privacy perspective. We will first briefly present a summary of the uses of biometric information in various domains and the related risks to biometric data. We also remind the reader of the legal concept of biometric data and information. We point to different legal approaches, in particular in the European Union (the GDPR), in the Council of Europe (the Convention 108+), and in the USA (through various states’ legislation and also omnibus data privacy acts such as in California). A brief analysis of the advantages offered by protected biometric templates will be made, followed by a presentation of the criteria to ascertain when data are personal data. There is an ongoing discussion about the qualification of protected biometric templates under data privacy rules, as to whether they still relate to an identified or identifiable individual (and are thus personal data) or whether they can be considered anonymous data.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Legal Obligation to Protect Biometric Information: A Brief Analysis

  • Els J. Kindt,
  • Catherine Jasserand

摘要

Due to technical advancements, biometric information can easily be collected and used, possibly compromising the security of the data and allowing the reconstruction of the biometric features of individuals. In that context, Biometric Template Protection (BTP) techniques promise to ensure both the security and privacy of biometric templates. The purpose of this chapter is to address biometric template protection from a regulatory and data privacy perspective. We will first briefly present a summary of the uses of biometric information in various domains and the related risks to biometric data. We also remind the reader of the legal concept of biometric data and information. We point to different legal approaches, in particular in the European Union (the GDPR), in the Council of Europe (the Convention 108+), and in the USA (through various states’ legislation and also omnibus data privacy acts such as in California). A brief analysis of the advantages offered by protected biometric templates will be made, followed by a presentation of the criteria to ascertain when data are personal data. There is an ongoing discussion about the qualification of protected biometric templates under data privacy rules, as to whether they still relate to an identified or identifiable individual (and are thus personal data) or whether they can be considered anonymous data.