The security benefits of biometrics technology outweigh the privacy concerns.

Share this article:


Don Erickson director, government relations, Security Industry Association (SIA)

Biometrics are among the most advanced and valuable security technologies available. Devices that scan facial features, irises, fingerprints and other physical characteristics have secured some of the most sensitive facilities in the world for many years and are now being used for more routine purposes, from controlling access at schools to verifying identities for financial transactions.

As with many security products, biometrics raise privacy questions. What opponents of biometrics fail to recognize, however, is that these have been thoroughly addressed by the security industry. Privacy safeguards are regularly put in place to automatically control the collection, storage and use of biometric data according to carefully defined standards. While criminals will always try to find ways to circumvent such protections, these abuses can be punished.

The safety provided by biometrics and the privacy that we all value are not mutually exclusive. Sacrificing security because of misperceptions about the effects of biometrics on privacy would only serve to endanger millions of people unnecessarily.


Lee Tien, senior staff attorney, Electronic Frontier Foundation (EFF)

Do the security benefits of biometrics technology outweigh the privacy concerns? Probably not.
People always look for technical solutions to human problems, and the allure of biometrics for security is no exception. But biometrics, at best, handle identification, which is only one part of security.

Biometrics are often perceived as foolproof, but fingerprint scanners have been fooled by fake prints made from gelatin, and iris scanners by photographs. Conversely, if I forge an ID card using a fake name but use my actual fingerprint, I've probably guaranteed a successful match.

More important, biometrics aren't secrets—they're easy to steal. Cameras record our faces and we leave fingerprints and DNA everywhere. And once a biometric is digitized for computers, it becomes a file capable of being copied.

The broader point is that identification alone isn't security – knowing my identity doesn't tell you whether I'm a threat. Biometrics are merely part of a system that relies on databases of information about us and on humans deciding how to handle false positives and false negatives.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Next Article in Opinions

Sign up to our newsletters

More in Opinions

Me and my job: Chris Sullivan, vice president of advanced solutions, Courion

Me and my job: Chris Sullivan, vice president ...

This month we get to know Chris Sullivan, vice president of advanced solutions at Courion.

Threat of the month: SVPENG

Threat of the month: SVPENG

We take a closer look at SVPENG, malware that's capable of launching two different types of attacks.

Security assessment stability

Security assessment stability

We should be asking if it is worth the cost of constantly switching security assessment companies, says Ken Stasiak CEO, SecureState.