Digital identity and biometrics: When your face reveals your vaccination status … and more
Andrejevic
As many Australians come out of lockdown restrictions, they face a host of new checkpoints – at shops, the workplace, entertainment venues and state borders.
Not only do many of us have to check in at various locations by scanning QR codes, we’re now required to show proof of vaccination and, in some contexts, proof of negative COVID-19 tests.
The result has been the increasingly familiar site of people fumbling with smartphones on the sidewalk in front of whatever space they’re trying to enter. In some cases, it can mean frustrating bouts with apps (“What was the PIN code for the Medicare app?”; “Have I linked it to my MyGov account?”; “Where’s that text with my test results?”; “Uh-oh ... my battery is dying!”).
Australia isn’t alone. The pandemic has contributed to a new set of protocols for travel and access of all kinds – all in the name of controlling human circulation to thwart that of the virus.
These new layers of verification and control set the stage for a technology that offers to cut the Gordian knot of passwords, usernames, PIN and QR codes, as well as passports, vaccine cards, and paper tickets – biometrics.
Building on the success of the use of facial recognition technology for border control, the International Air Transport Association (IATA) has introduced a travel pass initiative that would enable “seamless” transit while adhering to pandemic restrictions. In keeping with the IATA’s claim that “the future of aviation is biometric”, its “One ID” solution would not only identify a passenger’s travel credentials, but would link these, internationally, to travellers’ vaccine status, test results, and/or “proof of recovery”.
The “One ID” solution addresses an issue that’s not limited to air travel – or the response to COVID-19 – but is exacerbated by the prospect of travel during pandemic times.
More generally, we find ourselves navigating a growing array of login prompts and checkpoints both online and off. According to some estimates, the average person with access to smart devices and online resources has about 100 passwords – and this number is growing rapidly. The proliferation of online services may ease access, but it throws up speed bumps in the form of access credentials – as anyone who has ever had to reset their two-factor identification system has likely discovered.
We use passwords to watch TV and movies, to access the bank, the library, our books, our email, our newspapers, the intranet at work, our children’s report cards, our shopping sites, our internet service provider, our government services account, our highway toll account, our music, our social media accounts, our online games, our documents and calendars, and on, and on, and on.
The ongoing attempt to control the spread of COVID-19 means that physical space will become more like password-protected spaces online; we’ll need to show credentials to verify our immunisation status and to mark our movements as we go through the course of our daily lives – showing up at work, going to a café for lunch, or a theatre in the evening.
These multiplying forms of “friction” in moving through physical and virtual space set the stage for a unified biometric solution – a technological response to the digital hurdles multiplying around us.
The “One ID” solution envisioned by IATA for airline travel anticipates a world in which, instead of fumbling with passports and other forms of ID, we’re recognised by automated systems that allow us to move seamlessly through these checkpoints.
Biometrics could also ease access to our various online services and accounts, dispensing with the need to remember or store passwords, and allowing us to move seamlessly from device to device.
We’re invited to imagine what it might be like to dispense with passwords, ID cards, metro cards, drivers’ licences, check-in apps, and more.
The promotional material of facial recognition companies is jam-packed with descriptions of systems that allow people to move seamlessly through checkpoints from retail checkout counters to train stations and secure workspaces where distributed sensors ”recognise” them, linking to their profiles and even their bank accounts.
Biometrics could also ease access to our various online services and accounts, dispensing with the need to remember or store passwords, and allowing us to move seamlessly from device to device.
Such solutions are still some way off, but we’re already starting to see the more widespread deployment of a range of biometric solutions.
The Australian government, for example, continues to work towards the widespread deployment of a nationwide facial recognition database – a database that is reportedly already being used by some police despite the lack of enabling legislation.
It’s also incorporating facial recognition technology into the MyGov platform for accessing government information and services. To the extent that such a rollout is successful, the result could be a move towards biometric identification as the default mode of authentication for everything from accessing tax information to commercial sector transactions such as opening a bank account and signing up for broadband access.
Biometrics and the security risks
The time to consider the implications of the widespread use of biometrics is now. Biometric data collection can be highly invasive, and it’s important to ensure it’s being used responsibly and proportionately. It may seem liberating to be able to step into a shop, pick up a carton of milk, and pay automatically with your face, but much depends on how your information is collected, stored, and used.
The widespread collection of biometric data could result in data troves of personal information that create a security risk. When biometric information is compromised, the results can be a lot more difficult to address than, for example, the fallout from a leaked password. You can’t call up the IT department and get them to reset your face.
Moreover, biometric data can provide detailed information about people that goes far beyond simply identifying them. Because biometric sensors, by definition, rely on data about bodies, they can be used to determine information about people’s state of health, for example.
Some researchers claim to be able to determine information about people’s moods, intentions, and state of mind from biometric data. This is a lot of information to give away in exchange for a carton of milk – and it lends itself to a host of possible abuses.
The temptation of being able to seamlessly navigate the information checkpoints and borders that are restructuring our online and offline lives is a powerful one. But a biometric solution needs to be treated with caution and care. Centralised solutions enable centralised control – and using our bodies as universal passports raises grave concerns for control over personal information and bodily autonomy.
Read more: Facial recognition survey reveals concerns about accuracy and bias
We’ve grown used to a certain level of “wiggle” room when it comes to personal identification in many contexts. Much to the chagrin of commercial information providers, for example, we can share our passwords for newspapers, streaming services, and other forms of online access. We can still make purchases with cash (in many places) without leaving a record of our movements, our preferences, and our habits.
This wiggle room may pose risks of abuse – but it also keeps us from feeling we’re being constantly monitored and controlled.
This article was co-authored with Professor Gavin Smith, School of Sociology, Australian National University.
About the Authors
-
Mark andrejevic
Professor, Communications and Media Studies, Faculty of Arts
Mark contributes expertise on the social and cultural implications of data mining, and online monitoring. He writes about monitoring and data mining from a socio-cultural perspective, and is the author of three monographs and more than 60 academic articles and book chapters. His research interests encompass digital media, surveillance and data mining in the digital era. He is particularly interested in social forms of sorting and automated decision-making associated with the online economy. He believes regulations for controlling commercial and state access to and use of personal information is becoming an increasingly important topic.
-
Neil selwyn
Professor, School of Education Culture and Society, Faculty of Education
Neil's research and teaching focuses on the place of digital media in everyday life, and the sociology of technology (non) use in educational settings. He's written on issues including digital exclusion, education technology policymaking and the student experience of technology-based learning.
-
Christopher o'neill
Research Fellow, Communications and Media Studies, Faculty of Arts
Chris is a postdoctoral research fellow in the Monash node of the ARC Centre of Excellence for Automated Decision-Making and Society. He completed his PhD at the University of Melbourne in 2020. His doctoral research was in the analysis of body-sensing technologies, such as heart rate monitors and productivity sensors. He has a particular interest in the development of biometric technologies such as facial recognition cameras, and what implications such technologies might have for conceptions of identity and governance.
-
Xin gu
Lecturer, Communications and Media Studies, Faculty of Arts
Xin’s research concerns the digital creative economy, looking at the democratisation of creativity through vast transformative digital media ecosystems. Her work focuses on the transformation of creative cities and the creative economy under different social, economic and political conditions. She was appointed by UNESCO 2005 Convention on the Protection and Promotion of Expression of Cultural Diversity (2019-2022) and heads the Master of Cultural and Creative Industries (MCCI) at Monash. She has published widely on urban creative clusters and agglomerations, cultural work, creative entrepreneurship, cultural and creative industries policy, media cities, maker culture and cyberculture. Xin has worked with policy initiatives in the UK, China and Indonesia to support small-scale local creative industries development services.
Other stories you might like
-
Bio-PIN: Taking biometric security to the next level
An innovative algorithm is set to further enhance the protections afforded by biometric technology.
-
Facial recognition survey reveals concerns about privacy and bias
A recent survey of Australians’ attitudes towards the use of facial recognition technology revealed significant concerns about privacy, security, and bias.
-
Faking it, for real
The popularity of face-swapping software has resulted in the disturbing trend of 'deepfakes' that can be used for nefarious purposes.
-
Problematic, on the face of it
Australia's parliament will soon decide on a bill to try to regulate facial recognition technology, but plenty of questions remain unanswered.