You are here
Biometrics: Face ID – Data Privacy
The tech world was recently getting used to the idea of being able to perform transactions from their devices by using only their digital print, when Apple Inc. leaps on to the next generation by introducing face recognition into their star product, the iPhone X.
The technology itself is not ground breaking, since it has been around since the early 2000’s, used without great success in surveillance and even portable computers. But, the applications and implications derived from the Cupertino Company´s proposal are to be considered and seriously valued for possible legal implications.
The main concerns surround the possible privacy breaches from crackers or government agencies, which Apple claims to have foreseen. Regardless the public, especially those who are more meticulous, question the company’s ability to safely store this information.
Ever since Touch Id was released along the iPhone 5s, word from Cupertino has been that no biometrical information was been uploaded or stored in any Apple related server or cloud. The information never leaves your device, and it is stored in a specific processor called a Secure Enclave, in charge of encryption and decryption of mathematical algorithms obtained from your print.
With the development and worldwide launch of Face ID, there are no reasons for us to suspect a different handling on the matter by Apple with this highly sensitive information.
Cyber-security or Big Data?
Consumers biggest concerns lies upon possible security breaches, scenarios were someone accesses their devices without permission, and steals their private photos, messages or maybe banking information. Other concerns focus upon the possibility of law enforcement agents forcedly unlocking your device and violate your constitutional privacy rights. In times, paying little to no attention to the invaluable price of the information gathered on a daily basis by their smart phones.
These days, information that can be merchandised or analyzed in some level, could be more valuable than a bank account number. Data Analytics for marketing, espionage or business means is on the rise and highly rewarded; often becoming the main reason for someone to crack your device and steal your information.
From a legal perspective, biometric data is granted with the highest level of protection, the UE for example states that this information can only be treated under specific circumstances when certain factors collide; or with the famous Informed Consent.
We can only fantasize with the value of information obtained by constant monitoring of your facial expression, changes or even the background were the scan is taken; allowing machine learning to understand and predict your mood swings, fashion preferences, aging, weight or even some sort of illness.
This means that security policies will have to be studied in depth, and consumers must be aware and fully comprehensive of how information is going to be treated, stored or handled by the requesting party.
Off course close monitoring over their activities is advised.
Questions are yet to be answered by companies like Apple that walk over a thin line between customer satisfaction, innovation and Data Privacy scandals.
For now, encryption processors like Secure Enclave have proven to be effective; but it is undeniable that each day cyber criminals get better, and put to the test even the most secure softwares out there.
In the end, it is left up to the user to decide if they want to store and or share their faces, retinas and even digital print information on their smart devices, they must understand and accept the risks and responsibilities attached.
Jaime has more than 7 years of experience in the field of Law, and currently stands out for being an expert on intellectual property issues.
He has developed his practice in the area of intellectual property, mainly in matters related to trademarks, patents, and copyright, thus he has been able to combine his knowledge and experience to provide commercial advice to important clients and companies.
He recently completed a Master's Degree in Information Technology and Communication, Social Networks and Intellectual Property Law at the prestigious ESADE University of Barcelona; Recognized as the best masters in the area at European level. This has allowed him to focus and direct his practice towards the digital and corporate world.
At the moment Jaime is one of the few professionals specialized in Law of the TIC in Costa Rica.
Jaime has more than 2 years of experience as a Public Prosecutor, which has allowed him to develop skills in litigation that proved to be of great value since his arrival at the firm, especially for compliance and anti-piracy issues.
Its multidisciplinary profile indicates that it is able to advise its clients and solve problems effectively.