Abstract
Biometric identification systems that are in place or under consideration in many countries present significant privacy consequences principally relating to information privacy or data protection. This paper discusses personal privacy in the context of the adoption of biometric identification systems.
While defining privacy is challenging, Fair Information Practices offer familiar and generally accepted privacy principles used in many countries around the world. The principles of Fair Information Practices can be implemented in a variety of ways to meet the needs of any given activity, culture, or nation. Related factors that should be considered include security threats, the existence of identity theft, and the surveillance consequences of centralization of data from an identification system or from transaction records.
The paper suggests ways to use the elements of Fair Information Practices in a biometric identification system to achieve a balanced outcome that protects privacy to an adequate degree. Using Privacy Impact Assessments to consider privacy consequences before making decisions can also assist in achieving a result that minimizes data processing activities that affect the privacy of individuals.