The Privacy of Biometric Information in a Networked Environment

1. The Privacy of Biometric Information in a Networked Environment A Philosophical Approach Eamon Daly

2. This presentation covers: • The distinction between biometrics and biometric information systems • The development of personal privacy and information privacy from the perspective of two European Philosophers: Immanuel Kant and John Stuart Mill • Privacy of biometric information • Kant’s categorical imperative and the privacy of biometric information • Summary and concluding remarks

3. Biometrics • The automated measurement of human physical or behavioural characteristics with the intention of personal identification or authentication • Utilise a combination of digital computing and scanning technologies to capture data relevant to particular (human) characteristics • Examples include handwriting signatures, retina scans, fingerprints, voiceprints, and DNA profiles • Operate by comparing a previously stored measurement with a new one, employing countermeasures to detect impersonation

4. Biometric Information Systems • Networked systems of biometric information utilise the inherent capabilities of ICT to greatly enhance the power and utility of biometrics • Networking technologies, in particular, are technologies of connection. They expand and combine over space and time the otherwise isolated technologies of biometric data capture and comparison • Biometric information in this networked environment is therefore subject to even greater privacy concerns

5. “…over himself, over his own body and mind, the individual is sovereign…” J. S. Mill • For Mill, the private sphere is distinctly differentiable from the public • The boundary which separates the two is sharp and largely physical • One’s liberty depends on a kind of ownership of one’s thoughts, body, and personal space • These ideas emerged from the political tradition of liberalism, and have had a major influence on the way privacy is conceived in modern western societies

6. Personal privacy is different from information privacy • In this age of information, the limits of the personal are significantly changed • To adjust for this, in modern western societies the tendency has been to attempt to extend these Millian derived ideas • Thus information privacy becomes a matter of private property, separate from the public sphere • I believe this view provides a a poor basis for understanding information privacy

7. “The humanity in one's person is the object of the respect which he can require of every other human being. ...He should always pursue his end with an awareness of the sublimity of his moral nature. …”ImmanuelKant • Personal privacy is a first order issue, whereas information privacy is a second order issue in that it refers outside itself • Interference with information privacy amounts to interference with personal control and decision making • Information privacy is therefore more appropriately conceived in terms of personal autonomy and rational agency • Kant’s moral philosophy is ideally suited to this kind of conception

8. Privacy issues in Biometric Information • Biometric information scanned at one point in a travel path is communicated to some or all downward points, setting in process a whole raft of effects which entail a loss of information privacy • Travelers may often therefore inadvertently participate in reducing their own autonomy by submitting to biometric scans • Biometric information once scanned and communicated, is able to circulate throughout the global network of information systems, compounding the loss of information privacy and autonomy

9. Kant and the privacy of biometric information • Kant’s moral philosophy illuminates the ethics of biometric information privacy in a number of ways and at several levels • One such way is by use of Kant’s categorical imperative (CI): Act in such a way that you treat humanity, both in your own person as well as the person of all others, never only as a means, but always equally as an end • This is the second form of the CI, and it is really the conjunction of two simpler forms as illustrated on the following slide

10. Kant’s CI (second form) and the privacy of biometric information • Act always in such a way that you treat humanity, in your own person, never only as a means, but always equally as an end, and • Act always in such a way that you treat humanity, in the person of all others, never only as a means, but always equally as an end • From the second part of the CI, it can be seen that the loss of a person’s information privacy results in that person being treated only as a means, reducing him or her to the status of “thing in the world” and the state of heteronomy

11. Kant’s CI (second form) and the privacy of biometric information contd. • The first form of Kant’s CI instructs one to act according to maxims which one could consistently will to be universal laws • Applying the first form of the CI to the second form, it is evident that one who wills the loss of another’s information privacy must also will the loss of his or her own, thereby by also reducing himself to the status of “thing in the world” and the state of heteronomy • Thus the privacy of biometric information is conducive to a Kantian analysis

12. Summary and concluding remarks • Personal privacy as a western concept emerged from the political tradition of liberalism, and has been influenced substantially by the ideas of J. S. Mill • Information privacy is more appropriately conceived of in terms of Kantian ethics • The privacy of biometric information is especially conducive to an analysis framed in terms of Kantian autonomy and rational agency • This study forms part of my Ph.D. thesis on personal autonomy and the “travel panopticon”

13. Thank you