The document discusses the relationship between biometrics and privacy. It argues that while biometrics are often proposed as a way to improve privacy by replacing passwords, they also enable "perverse biometrics" and "quantum surveillance" due to mission creep and inadequate legal controls. The document recommends that to restore trust, privacy must be given genuine meaning through independent oversight of biometrics, complementing privacy impact assessments with ethics impact assessments, and ensuring technology is accountable to human values and intervention.

1. Biometrics: redefining privacy
Can biometrics create a new kind of
privacy using bodies, not
passwords?
Juliet Lodge
Nesta, London 25 March 2014 Juliet Lodge

2. Biometrics – and privacy
‘… only a problem of labelling ‘ (UK Min)
Definition
Transparency
& the 60% rule
• Constitutional
• Procedural
• Practice as deception
• Trust and Privacy :
Who’s in control
Nesta, London 25 March 2014 Juliet Lodge

3. Starting point : the end of privacy
And what I call ‘Perverse Biometrics’ and
‘Quantum surveillance’
• Mission creep from territorial
border security to smart IoT, robotics
• Legitimising PPPs, data blending
• Insufficiency of scope of ethical codes apps
• Inadequate or obsolete politico-legal controls
Nesta, London 25 March 2014 : Juliet Lodge 3

4. Do Biometric apps redefine meaning
of privacy and transparency?
Constitutional: parallels in
misunderstanding
‘EU Council worse than a papal enclave’.
Duff, MEP
Procedural : … foreign ‘hysteria over EU
data protection laws ‘Jan Albrecht MEP
Fundamental rights v. Profits: ‘IT giants ...
trying to lobby away right to privacy’ Max
Shrems
Impact of biometric cyberworld on meaning of the
above and what it means to be human?
Recommendations.
Nesta, London 25 March 2014 Juliet Lodge

5. Perverse Biometrics – door to
quantum surveillance or credible
privacy?
Contradictory claimsmaking
• individual and/or collective privacy
• user control over personal data
• Legal certainty v. Technical credibility of new EU Regulation
on DP re: ‘right to be forgotten’
• The who, what and how of support measures: what
insufficiencies need addressing?
• Inconsistencies in law ( egEU regs and directives)
• Risks to fundamental rights for all
• Lack of consensus over biometrics beyond the fingerprint
Nesta, London 25 March 2014 Juliet Lodge

6. Purpose of an Independent
Kitemark?
• restore trust in resilience of ICTs and
credibility of Gov and PPS
• combat risks of (un)ethical human
(in)security
• give privacy genuine meaning and
credibility
• RECOMMENDATIONS from our ICT Ethics
f7p research project incl: - Complement
PIAs with EIAs
Nesta, London 25 March 2014: Juliet Lodge 6

7. Conclusion – trust what? The
certainty fallacy and perverse
biometrics
• Technology is insufficient as a privacy guardian
• Who’s in control?
• Ethical values and practice must inform info
collection, handling etc and can do so only if
human intervention (whether public or private
sector) is visible, identifiable and accountable
• How biometrics can uphold T & A to ensure
trust in hyperconnected/adjacent maximising
realities.
Nesta, London 25 March 2014 Juliet Lodge

8. Biometrics, privacy and
(un)certainty
‘Citizens must be able to understand
the system so that they can identify
its problems, criticise it, and
ultimately control it.’
Final report of the Convention on the Future of Europe
Working Group IX on Simplification 29 Nov 2002
[CONV 424/02 WGIX 13]
Nesta, London 25 March 2014 Juliet Lodge