attitudes

This page considers attitudes to biometrics and biometric collections such as networked national fingerprint databases, including responses by civil society advocates and ordinary consumers.

It covers -

• studies - what do we know about attitudes to biometrics?
• awareness and exposure - how many people have used biometric systems
• concerns - what do people think about biometrics?
• fearing the database?

     studies

What do people think about biometrics?

The answers are unclear, given the apparent range of opinions (and the intensity of some perceptions), the narrowness of most research and the tendency of some solution vendors/buyers to release conclusions without providing meaningful information about sample sizes/characteristics or questionnaire structure.

It is thus common to encounter claims that consumers welcome particular biometric applications (particularly if the application affects someone else, such as a refugee or recipient of welfare services) or that they are widely and deeply opposed to biometrics per se and are strongly concerned about potential misuses of biometric registers.

One of the few surveys specific to biometrics was a small US survey in 2001-2 for SEARCH on Public Attitudes Toward the Uses of Biometric Identification Technologies by Government and the Private Sector (PDF).

It suggested that around 82% of respondents considered that fingerprint imaging was "somewhat acceptable" - post 9/11 in obtaining a passport, 84% to obtain entry into official buildings, 82% at airport check-ins, 77% to obtain a drivers license and 60% to rent a car.

91% were comfortable with officials creating a 'biometric database' of everyone convicted of a serious crime, "for use in later criminal investigations". 86% would supposedly allow biometric screening of welfare recipients, 87% would allow security guards to screen people entering a school (with a biometric database of convicted child molesters) and 90% would allow biometric checking of applicants for occupational licenses such as teachers, private security guards or nursing home staff.

Around 80% indicated that it was important that -

• biometric IDs only be used in ways known of and approved of by the individual
• people (including the stigmatised?) should be fully informed about how their ID is being used and why it is needed
• data should not be shared with other organisations
  Biometric IDs be collected knowingly, except in cases of national security
• there should be restrictions on combining biometric data and being and tracking people using biometric identification.

The figures are broadly consistent with conclusions in the 2001 RAND Army Biometric Applications: Identifying and Addressing Sociocultural Concerns study highlighted earlier in this note.

A 2004 US survey for solutions vendor EDS concluded that

• over 69% of respondents are "open to the idea of using biometrics" for identity management. ("Only 12 percent said no to biometrics, while 19 percent are unsure")
• 88% of the respondents willing to accept biometrics are in favor "because it is convenient and does not require them to remember passwords"
• 85% preferred finger prints, 84% chose voice recognition "for convenience and speed".

Similar figures appear in the thin 2005 Consumer Attitudes about biometrics in ID documents study (PDF) by TRUSTE.

A 2005 US survey sponsored by vendor AuthenTec similarly claimed that "63% of consumers would pay extra to add fingerprint biometrics to their PC and notebook computers, while 71% would pay more for this feature in their cellular phones" and that "43% are most interested in using fingerprint sensors to replace their computer or internet passwords. ... 29% said they would be willing to pay more than $25 for the additional feature".

It remains to be seen whether consumers would be prepared to match survey responses to action, and whether the sample is representative. Grounds for caution are provided in Sandra Giarimi & Helen Magnusson's Investigation of User Acceptance for Biometric Verification/Identification Methods in Mobile Units (PDF).

Detailed figures on the number of people for whom use of biometric technologies is inherently offensive, distasteful, discriminatory or invasive are unknown. It is likely that such figures will only be available once several governments require enrolment in systems, such as health cards and passports, that are based on particular biometrics.

    awareness and exposure

In Australia and overseas attitudes to biometrics appear to reflect exposure to the technology (familiarity is generally associated with lower levels of anxiety) and sensitisation to privacy or other issues. That has led to industry statements such as

Once they understand the limited nature of the data involved, people become more comfortable with the technology and their perception will change.

Focus group and other mechanisms for teasing out attitudes suggest that the stance of some consumers and policymakers is in fact quite nuanced, with an appreciation of particular technologies but considerable skepticism about effectiveness - eg biometrics potentially 'authenticating' bad data - and wariness about misuse.

That wariness was reflected in the Australian Biometrics Institute draft Biometrics Privacy Code (PDF) - "to ensure that Australian citizens have a greater level of privacy protection than currently exists" - and in documents such as the Australian Law Reform Commission's 2003 Essentially Yours: The Protection of Human Genetic Information in Australia report and 2004 European Commission Biometrics at the Frontiers report (PDF).

The SEARCH survey suggested that among the small group of respondents who had provided identifiers, fingerprint scanning was the most commonly experienced technique (experienced by 82% in 2002), followed by signature dynamics (46%), hand geometry (19%), facial recognition (supposedly up from 4% in 2001 to 22% in 2002), voice recognition (27%) and 'eye recognition' (20%). oward fingerprinting may serve as some indication of attitudes toward identification. Around two in three US adults in the survey (69% in 2001 but down to 66% in 2002) reported having been fingerprinted for identification purposes, with roughly 90% feeling it was an appropriate requirement (although around 20% of the cohort indicated that "finger-imaging treats people like presumed criminals").

    concerns

Some concerns regarding biometric databases essentially relate to data collection mechanisms - for example facial imaging may be considered as invasive in some cultures - or to enrolment per se rather than how the resultant data is used/misused.

Criticisms of biometric databases on privacy grounds broadly reflect concerns about databases as such, rather than inherent discomfort with biometric identification/verification. Unique identifiers are an issue in an environment where databases are the building blocks of almost every modern service and transaction, because such identifiers can link disparate databases and information. Those concerns encompass

• unauthorised collection, whether through 'surveillance at a distance' technologies such as gait and facial recognition via closed circuit television cameras in public places or through mandatory enrolment (no passport = no international travel)
• unnecessary collection, with biometric technologies being deployed in situations where there are few measurable benefits for strong user authentication or identification and where the existence of the data and collection mechanisms promotes both misuse of the collection (eg function creep) and subversion of the system. 
• unauthorised use, often assessed as the greatest risk biometrics pose to privacy. Such concerns include forensic usage and usage as unique identifier. Given reliance on fingerprints as the primary means of forensic identification, there is wariness that information provided for public or private sector purposes will facilitate police searches, both automated and through use of latent images. Every database with a biometric could be used as a database of criminal records, representing a significant increase in the potentially intrusive investigative powers of the state. Use of biometrics to monitor, link and track an individual's daily activity is another common fear, unsurprising if there is a requirement to provide biometric information in government, financial, health service, retail and employment environments.
• unauthorised disclosure underpins unauthorised use and erodes the individual's control over information, a loss that is central to many privacy concerns.
• function creep involves expansion of a scheme or system into areas for which it was not originally intended. Use of national identity numbers in a broad variety of applications illustrates the danger of function creep, with discrimination against those who do not have (or merely do not provide) identifiers and use by public/private sector entities in locating and linking data across collections.

    fearing the database?

Consumer concerns about biometric databases similarly reflect where people are standing, encompassing perceptions about networked data collection/handling and sensitivities about mandatory enrolment.

Privacy International, in criticising ICAO standards for biometric-based passports, warned (PDF) in 2004 that

This is a potentially perilous plan. The ICAO must go back to the drawing board or hold itself responsible for creating the first truly global biometric database.

A spokesperson commented that

Governments may claim that they are under an international obligation to create national databases of fingerprints and face scans but we will soon see nations with appalling human rights records generating massive databases, and then requiring our own fingerprints and face-scans as we travel.

   next part  (biometrics in popular culture)