DELIVERABLE D2.2 Hong Kong Conference Report

RISE PROJECT

Project funded by the European Commission-FP7

Grant Agreement n°: 230389

Coordination Action (CA)

Start date of the project: 1 March 2009

Duration: 36 months

1° Reporting Period

Deliverable: D2.2
Title: Conference Report
Due date: 31.03.2010
Actual submission date: 20.05.2010
Lead contractor for this deliverable: Hong Kong Polytechnic University
Contact: [email protected]
Dissemination Level: PU

The Third International Conference on Ethics and Policy of Biometrics and International Data Sharing, 2010, Hong Kong

Table of Contents

I. Introduction ...... 3

II. Background of Conference ...... 3

III. Preparation for the Conference ...... 4

A. Conference Venue and Logistics

B. Invitation for Speakers

IV. The Third International Conference ...... 5

V. Call for Papers ...... 14

VI. Abstracts and Biographies ...... 15

VII. Media Coverage ...... 28

VIII. Conference Organization and Proceedings Organization ...... 31

IX. List of Participants ...... 34

X. Speakers Presentations ...... 38

XI. Appendix A: Conference Brochure ...... 106

XII. Appendix B: Conference Proceedings ...... 136

I. Introduction

Human identification using physiological and behavioural characteristics, i.e. biometrics, is increasingly mapped into a range of new civilian and commercial applications. The past decade has seen a rapid growth in the demand for biometrics and data security technologies for a wide range of applications in education, law enforcement, immigration, healthcare, online security and financial services. Biometrics-based technologies have opened new frontiers for medical diagnosis and information security. However, recent research and deployment reports have shown that, with negligible-to-modest effort, many leading biometric technologies are susceptible to attacks in which fake fingerprint tapes, static facial images and static iris stamps/images have been successfully employed as biometric samples. These fraudulent samples are processed by the biometric system to generate templates and to verify enrolled individuals. There has been a newfound urgency after the September 11 attacks to develop cutting-edge security technologies. However, the performance of currently available biometrics technologies has yet to mature enough for broad deployment in real environments. Performance estimation is a key issue in the comparison and evaluation of biometrics and biometric systems in large-scale secure access technology. The challenge lies in devising effective performance indices and establishing their interdependence to convey security, accuracy, privacy and other performance measures currently debated in the literature. In addition, the increasing usage of biometrics technologies has raised more concerns about the ethics, privacy and policy implications of biometrics.

The large-scale deployment of biometrics technologies has highlighted several challenges in the management of human identities. The large-scale deployment and development of next-generation biometrics systems must address the increasing concerns about the ethics, privacy and policy implications. Novel biometric sensing, signal/image representation, storage, retrieval, transmission, encryption, matching and decision-making techniques have to be developed to address the ethical, legal, cultural and social concerns in the management of human identities. The challenges posed in the deployment and development of promising biometric technologies can largely be viewed from an engineering perspective and from a social perspective. Several research presentations have shown that when social and ethical factors are internalized into the technical design and decision making, the solution tends to be more effective, compatible and cost effective.

II. Background of Conference

The Third International Conference on Ethics and Policy of Biometrics and International Data Sharing, also referred to as the third RISE (Rising Pan European and International Awareness of Biometrics and Security Ethics) meeting, is a key milestone in the ongoing dialogue process within the scope of the RISE project. This conference was planned and fully scheduled in the European Commission supported RISE project no. 230389, funded under FP7, SP-4 Capacities.

The increasing deployment of cutting-edge security technologies has invited renewed concerns about the ethics, privacy and policy implications of the usage of these technologies. These concerns are not new, however, and were raised and discussed in the previous two conferences. The first of these conferences was organized by the European Commission in 2005 in Brussels and the second in 2006 in Washington DC, by the US Department of Homeland Security and the US Visit Program. The third international conference was organized in Asia by the RISE consortium in order to involve the regional stakeholders more actively in the dialogue process. The host city of Hong Kong in China was judiciously selected to take advantage of its better connectivity and visa-free entry for likely participants from most countries. The key idea of the organizers was to seek more active participation from the Chinese and Indian law enforcement, border control, privacy protection and regulatory bodies in the dialogue process, and to raise awareness of the implications and challenges in the deployment of biometrics technologies.

III. Preparation for the Conference

The preparation for the conference started soon after the conclusion of the kick-off meeting, which was held in Rome on 12-13 March 2009. The initial tasks were to draft the call for papers, develop and install a conference website, install a reliable conference paper submission and review system, select and book the conference venue, and arrange and book accommodation for the conference participants. Some of these tasks, like the development of the conference website, circulation of the call for papers and booking of the conference venue, started much in advance. The mass mailing of the call for papers started from [email protected] in May 2009, and the initial deadline for paper submission was set as 1st September, 2009. An online paper submission link was made available at http://iceb.comp.polyu.edu.hk/myreview/SubmitAbstract.php and the deadline for paper submission was extended to seek more quality papers. The task of attracting potential authors to submit papers on the interdisciplinary topics in biometrics, i.e., the policy implications and the potential concerns with biometrics and data security technologies, was challenging. The call for papers and participation was also posted on public notice boards at major international conferences, like BTAS 2009 held in Washington, whenever the program committee members had the opportunity to visit such conferences. The conference website http://www.comp.polyu.edu.hk/conference/iceb was regularly updated with links and news from the most recent incidents depicting the challenges associated with the usage of biometrics and data protection technologies.

Several social action groups, established research and development institutions in bioethics, law enforcement agencies, data privacy and protection regulatory bodies, system integrators, and users and developers of biometrics technologies were located all over the world and encouraged to submit papers and participate in the conference. The call for papers for this conference is available on page 14 in this report. As can be noticed from the attached document, the call for papers clearly outlined the extended range of topics that would be of potential interest in the multidisciplinary domain of this conference.

A. Conference Venue and Logistics

The prime considerations in selecting the conference hall and location were ease of access, quality of amenities, convenience and, importantly, cost. The venue was therefore selected as the Senate Room of The Hong Kong Polytechnic University, which is located within the campus. The conference organizers also supported and supervised the accommodation arrangements for the speakers and the participants. We contacted three different hotels, all located within walking distance of the conference venue, to seek discounted accommodation for the participants. The accommodation rates had to be negotiated much in advance, as January is a high-season month in Hong Kong that typically experiences the highest tourist traffic flow. The accommodation arrangements for all the keynote speakers were supervised and supported by the local staff in our university.

B. Invitation for Speakers

The 'India Preparatory Meeting on Biometrics and Data Protection', held in New Delhi on September 24-25, 2009, provided another venue for the discussion on the agenda for the third international conference and the selection of speakers. Each submitted paper was reviewed by at least two reviewers. A large number of the submitted papers were highly technical in nature and were therefore rejected, since there are already several other venues for submitting/presenting such papers. The review results for the submitted papers were prepared, and the authors were notified of the decision on their papers along with the comments from the reviewers. A preliminary list of keynote speakers to be approached for their possible talk and participation during the Hong Kong conference was prepared during the India preparatory meeting. This list was continuously revised and updated, largely based on the outcome of the pursued invitations and feedback from the conference chairs. We selected 25 speakers for the conference and received their final confirmation for the talk. All of the non-local invited keynote speakers were supported for their travel and accommodation during the conference visit.

IV. The Third International Conference

The Third International Conference on Ethics and Policy of Biometrics and International Data Sharing was held in Hong Kong on January 4-5, 2010. This conference was the first major international event from the RISE project in the Asia Pacific region to promote dialogue among the key stakeholders. The conference had over 150 registered participants. The conference program attracted world-wide attention, with attendees from 19 countries and regions including: Belgium, China, France, Hong Kong, India, Italy, Israel, Japan, New Zealand, Belgium, Slovenia, Switzerland, Estonia, Taiwan, Malaysia, Australia, United Kingdom, United States. The conference program gave broad coverage to the social, cultural, ethical, legal and technical challenges in the deployment/development of biometrics applications and technologies, and government interests were also represented. Among those that participated were representatives from US and Israeli governmental agencies and representatives from the Hong Kong Police Force, Hong Kong Immigration Office, Office of Hong Kong Privacy Commissioner, and public media, including Radio Television Hong Kong (RTHK), Television Broadcast Limited (TVB), Ming Pao, and The Standard. The conference program featured 25 oral presentations and promoted interaction and discussion among the conference participants that stimulated a wealth of new ideas. The breadth of international and social representation was one of the key advantages, leading to lively discussions that prompted immediate feedback/comments on relevant issues.

The conference opened with a warm welcome address by Prof. David Zhang from The Hong Kong Polytechnic University, and three opening speeches by Dr. Hon Samson Tam, Legislative Councillor; Prof. Emilio Mordini, coordinator of the RISE project and Director of the Centre for Science, Society and Citizenship, Italy; and Prof. Alex Wai from The Hong Kong Polytechnic University. Prof. David Zhang highlighted that this was not a conventional biometrics conference and outlined the rising concerns and issues with the deployment of biometrics and data security technologies. He encouraged the conference delegates to develop some consensus on the policy issues, extensively review the current practices, evaluate the concerns and cost benefits of evolving technologies, and outline strategies to meet the privacy and socio-technological challenges. Dr. Hon Samson Tam noted that biometric characteristics are exploited not only for automated personal identification to ensure security but also for medical diagnosis. He congratulated the Biometrics Research Centre for successfully cultivating technological innovations from highly motivated researchers and actively participating in this dialogue to address the ethical and social concerns about the deployment of the new technologies. Prof. Emilio Mordini gave the historical perspective on the conference and provided an overview of the open issues from the previous two conferences, organized in Brussels and Washington DC by the European Commission, US DHS and the US Visit Program respectively. He detailed the organization of the European Commission supported RISE project and the conference agenda, and encouraged the policy regulators and the participants to come up with some consensus and policy recommendations on the ethical, medical, legal, social, cultural and political concerns in the deployment of biometrics and data security technologies. The welcome session was concluded by Prof. Alex Wai, who drew the attention of participants to the successful usage of fingerprint-based Hong Kong ID cards in Hong Kong, which provides a model for the effective deployment of biometrics technologies for the benefit of citizens in e-governance and in high-speed border crossings. He noted that the utilities offered by Hong Kong identity cards appear to outweigh the potential privacy concerns and that Hong Kong residents do not seem overly concerned with the privacy issues. He nevertheless stressed the need for international dialogue on privacy concerns and potential threats to biometrics and data security technologies.

Upper left: Prof. David Zhang, from The Hong Kong Polytechnic University, delivering the welcome address; Upper right: Dr. Hon. Samson Tam, JP, Legislative Councilor Hong Kong, speaking during the welcome session; Lower left: Prof. Emilio Mordini, RISE Project Coordinator, delivering welcome speech and introducing the RISE, BITE and HIDE projects; Lower right: Prof. Alex Wai, Dean of Engineering, The Hong Kong Polytechnic University, delivers the opening address.

Mr. Roderick Woo, Privacy Commissioner for Personal Data, Hong Kong, delivered the first opening lecture on the challenges posed by biometric technologies for privacy protection and suggested tighter supervision of such sensitive data. “There has been a sharp rise in complaints concerning the collection of biometric data. Most concern the collection of employees' fingerprints by employers for attendance records,” he said. He proposed to classify biometric data as sensitive personal data and said “The reconstruction of a fingerprint from the minutiae template with striking resemblance is not uncommon and there is a positive match in more than 90 percent of cases for most minutiae matchers.” Mr. Woo noted that a healthy society should embrace different and sometimes conflicting interests. He therefore called upon the users of biometrics data to offer less privacy-intrusive alternatives and measures to lessen the adverse privacy impact.

Left: Mr. Roderick Woo, Privacy Commissioner for Personal Data, Hong Kong, delivering the opening keynote address on Challenges posed by Biometric Technology on Data Privacy Protection in Hong Kong and the Way Forward; Right: Dr. Nalini Ratha, from IBM J. Watson Research Centre New York, speaking on Privacy Protection in High Security Biometrics Applications.

The second keynote speaker, Dr. Nalini Ratha, from IBM J. Watson Research Centre, spoke on the technological advances in privacy and biometrics data protection technologies. He illustrated the concepts behind cancellable biometrics and emphasized this as one of the most promising solutions to jointly ensure high security and privacy for sensitive biometrics data. His speech defended the promise of evolving biometrics technologies that can offer an extremely high degree of privacy. In this context he detailed the technical strength of cancellable biometrics developed to protect biometrics data and ensure privacy. Dr. Ratha also cautioned about the vulnerabilities of typical biometrics systems to sophisticated cyber attacks and outlined a range of open issues yet to be addressed by researchers.

Top Left: Nataša Pirc Musar, Information Commissioner of the Republic of Slovenia, presenting her paper on The Dangers of Electronic Traces: Data Protection Challenges Presented by New Technologies; Top Right: Benedicte Havelange, European Data Protection Supervisor, speaking on Data Protection in Post Lisbon EU; Left: John Kropf, Deputy Chief Privacy Officer, Department of Homeland Security, delivering the speech on The Crossroads of Privacy and Biometrics.

The next session, i.e. Session A, started with a lively talk from Ms. Nataša Pirc Musar, Information Commissioner of the Republic of Slovenia. She started her speech by stating that strong tools were needed for ensuring safety in modern digital technologies and discussed a range of issues concerning legal and technological aspects in the protection of personal data. Ms. Nataša Pirc Musar further extended the discussion to privacy while using the internet and concluded that personal privacy can be violated while using popular commercial services like electronic road toll systems, CCTV, GPS, etc. Ms. Benedicte Havelange, European Data Protection Supervisor, continued the discussion as the next speaker and highlighted current data protection practices in Europe and the main changes of the Lisbon Treaty. The second speaker in this session, Mr. John Kropf, from the US Department of Homeland Security (DHS), outlined the critical needs for biometrics technologies in government departments and cited live examples to illustrate the seriousness with which DHS takes privacy. He also gave an example on US-VISIT to illustrate the US privacy framework and noted that the existing privacy oversight and accountability in this framework has been recognized internationally. The third speaker of this session, Prof. Stan Li, could not make it to this conference due to the snow storm related cancellation of all flights from Beijing. However, the session chair Dr. René von Schomberg used this opportunity to extend the general debate before the scheduled lunch break.

Upper left: Dr. Helen Chan, from Hong Kong Immigration Department, speaking on Deployment of Biometrics Systems and Challenges; Upper right: Dr. Alessandro Acquisti, from Carnegie Mellon University, delivering keynote talk on Of Frogs and Herds: Behavioral Economics, Malleable Privacy Valuations, and Context-dependent Willingness to Divulge Personal Information; Lower left: Tim Parker, from The University of Hong Kong, speaks on Are We Protected? The Adequacy of Existing Legal Frameworks for Protecting Privacy in the Biometric Age; Lower right: Prof. H. Raghav Rao, from State University of New York, University at Buffalo, presenting his paper on The Unique Identification Number Project: Challenges and Recommendations.

The post-lunch session, i.e. Session B, was first addressed by Dr. Helen Chan from the Hong Kong Immigration Department. Her presentation was largely focused on the challenges with the usage of biometrics technologies in the Hong Kong Immigration Department. She showed examples of how DNA, fingerprints, iris, and face traits are effectively exploited to improve the services delivered to the public as well as enhance the security of identity cards and travel documents. Prof. Alessandro Acquisti from Carnegie Mellon University gave the next presentation, on behavioural economics and privacy related to the revelation of personal data. He illustrated the results from a recent study performed at Carnegie Mellon University which suggested that methods of soft paternalism and nudging privacy may be the best for increasing individual and societal welfare related to privacy concerns. His study pointed out that privacy valuations, measured by willingness to trade off personal information for monetary rewards, and concerns about privacy, measured by divulgence of private information, are highly sensitive to contextual factors. Mr. Tim Parker from The University of Hong Kong gave an address which analysed the biometrics and privacy protection framework from the legal perspective in Hong Kong and also in the (mainland) People’s Republic of China. Prof. H. Raghav Rao from University at Buffalo, State University of New York, presented his paper on the Unique Identification Number project (UID) recently launched in India. He discussed some key challenges and made several recommendations for this project to increase public awareness of the UID program, facilitate faster enrolment and handling, and amend the legal framework for its implementation.

Top Left: Prof. Massimo Tistarelli, from Università di Sassari, delivering his keynote talk on Human Face Analysis: from Identity to Emotion and Intention Recognition; Top Right: Dr. Richa Singh, from IIIT Delhi, speaking on Face Recognition and Plastic Surgery: Social, Ethical and Engineering Challenges; Left: Prof. Chi-Shing Chen, from National ChengChi University, Taiwan, delivers his talk on Biometrics Governance: H1N1 as a Case Study.

The invited talks and paper presentations in Session C were focused on privacy and socio-technological challenges in biometrics-based human identification. Prof. Massimo Tistarelli from the Università di Sassari, Italy, presented a technical analysis of current and future face recognition technologies and compared them with conventional human perception capabilities. He expressed concerns about developing technologies which can be highly privacy invasive and cited recent examples from facial expression analysis research which is intended to covertly recognize human emotions and intentions. Dr. Richa Singh from IIIT Delhi spoke on the ethical, social and engineering challenges of face recognition when encountering human faces with plastic surgery. Prof. Chi-Shing Chen from National ChengChi University, Taiwan, discussed governance with biometrics using the recent challenges involved in the usage of biometrics during the H1N1 outbreak.

The theme of Session D was ethical values for the e-Society. Mr. Stephen Mak, Deputy Government Chief Information Officer, Hong Kong, spoke first on information, security and privacy. He pointed out that with the emerging business models in the information and communication technology industry, like “cloud computing” and “anything as a service”, that offer users ease and flexibility in more dynamic ways, it is necessary to address security, privacy and ethical issues in many more combinations than would have been required in the past. He also stated that prudent and proper use of biometrics is necessary for technological innovation, security and respect for privacy. Prof. Margit Sutrop, from University of Tartu, delivered her invited talk on ethical issues in governing biometrics. She pointed out that in order to maintain public trust, it is important to let the public have some basic understanding of the biometrics technologies.

Left: Mr. Stephen Mak, Deputy Government Chief Information Officer, Hong Kong, speaking on Information, Security and Privacy; Right: Prof. Margit Sutrop, from University of Tartu, Estonia, delivers her keynote address on Ethical Issues in Governing Biometric Technologies – How to Maintain Public Trust?

The first keynote speech on the second day of the conference was delivered by Prof. Xiaomei Zhai, Director, Centre for Bioethics, Chinese Academy of Medical Sciences, Beijing. The ethical concerns outlined by Prof. Xiaomei Zhai included privacy, stigmatization, discrimination, the loss of identity, and some relevant decisions that concern public welfare. She reported several incidents and public concerns about ethics and also suggested several alternatives to achieve good governance. Mr. Blair Stewart, Assistant Commissioner, Office of the Privacy Commissioner, New Zealand, gave the next presentation, titled “The International Standards on the Protection of Personal Data and Privacy”. In his speech, Mr. Blair made a major digression to explain the promising, but incomplete, attempt to synthesise the sensitive categories approach of the European instruments and the risk-assessment approach of the APEC framework. In doing so he explicitly picked up on the Hong Kong Commissioner’s suggestion that biometric data be declared ‘sensitive’. He further commended that special note be made of the Madrid Declaration endorsement of PIA (Privacy Impact Assessment) and other proactive measures from this conference.

Upper left: Prof. Xiaomei Zhai, Center for Bioethics, Chinese Academy of Medical Sciences, presents “The Status Quo and Ethical Governance in Biometric in Mainland China”; Upper right: Mr. Blair Stewart, Office of the Privacy Commissioner, New Zealand, talks regarding international standards on protection of personal data and privacy.

The post-lunch Session E was devoted to invited speeches and paper presentations on the applications of biometrics for security and forensics. Mr. Wing-On Chan, Francis, from Hong Kong Police Force, used the example of Facebook and the famous Tracy Turkish Brooks case to argue effectively that personal information is sent out every second while using the internet and that just replacing password control with biometric authentication would not help. He expressed concerns about the vulnerability of biometric information and how a careless user who pays little attention to protecting his password can also leave his biometric profile unprotected. Ms. Kim Legg from INTERPOL delivered the next invited talk on international fingerprint and DNA exchange using INTERPOL. She reminded the audience that criminals do not respect borders and therefore fingerprint and DNA information should be actively shared among countries. She cited several examples to illustrate successful usage of this facility at INTERPOL, which resulted in the successful conviction of criminals for crimes committed in different countries. Dr. Elazar Zadok, Former Director, Identification and Forensic Science Division, Israel, presented his paper on the legislative and ethical questions regarding forensic ‘biometric’ databases. He pointed out that although the usage of these databases in forensics is very effective, they pose a lot of legislative and ethical concerns at the same time. He also argued that a DNA database generates more concerns since it contains sensitive genetic information regarding its owner, but this information may not necessarily be needed for identification.

Top left: Wing-On Chan, Francis, from Hong Kong Police Force, speaking on Biometrics: The Hope or Gloom to Crime and Identity?; Top Right: Kim Legg, from INTERPOL, gives her speech on international fingerprint and DNA data sharing; Left: Dr. Elazar Zadok, former director of Identification and Forensic Science Division, Israel delivering his keynote lecture on legal and ethical issues regarding forensic biometrics databases.

Session F featured four invited talks on topics related to digital identity and e-governance. Mr. Raymond Wong, from Jiaotong University, Shanghai, spoke on the fundamentals behind the popularity of biometrics and the challenges associated with its usage in e-governance. He stated that identity should be certified from the very beginning and that the contradictions between identity and identification can be effectively resolved with the usage of B (Breeder document), C (Certainty, clarity, cogency), and D (DNA). Mr. Raymond Wong also outlined issues like consent, shared use, twins, etc. and suggested some solutions. Mr. Ho Chang from BioID AG, Switzerland, focussed his talk on privacy and data protection in social networks. He first gave an overview of the objectives and popularity of social networks and their wide usage. He noted that the anonymity and physical distance in social networking using Facebook, MySpace, LinkedIn, Twitter, etc., can lead to a false sense of security. Mr. Chang cautioned about the risks borne by users and service providers, including for privacy and data protection, while visiting social networking sites, and suggested the potential usage of biometrics to enhance trust in such scenarios. The next speaker in this session, Mr. Vinayak Godse from the Data Security Council of India, gave his talk on building a new ecosystem for cyber security and data protection. He first introduced the new trends in the Indian e-economy. He then introduced the key legal features of the recent IT (Amendment) Act, 2008, which brings a legal regime for cyber security and privacy to its citizens. He noted that most law enforcement challenges are aggravated by the trans-border nature of crimes, which can be more effectively addressed by building healthy and responsible international collaboration. Mr. Nicolas Delvaux, from Sagem Sécurité, spoke on the effective usage of biometrics for identity trust. He outlined the technical differences between the traditional passport and the e-passport and discussed the strengths of biometrics in enhancing the protection of identity. He brought out that biometrics security can be used to enhance privacy and anonymity. Mr. Nicolas called for developing new technologies to protect citizens’ identity against misuse, abuse and corruption of identity, so that privacy and security become a positive-sum paradigm. This concluded the session on digital identity and e-governance, which was also the final keynote session of this conference.

Upper left: Mr. Raymond Wong, from Jiaotong University, Shanghai, gives his keynote talk on ABCD of BI; Upper right: Ho Chang, from BioID AG, speaks on Privacy and Data protection in Social Networks; Lower left: Mr. Vinayak Godse, from Data Security Council of India, presents on the Data Protection and Cyber Security; Lower right: Mr. Nicolas Delvaux, from Sagem Sécurité, speaks on Protected Biometrics for Identity Trust.

The concluding session of this conference was chaired by Prof. David Zhang and was intended to summarize the deliberations from this conference. The coordinator of the RISE project, Prof. Emilio Mordini, drew the conclusion that even though biometrics technologies may cause potential problems and risks, the use of this technology should not be restrained, and the solution to all the problems will be found by continuing dialogue and world-wide collaboration. This result underscores the importance that world-wide collaboration would play in the future usage of biometrics across the world. Dr. René von Schomberg from the European Commission, DG Research, Ethics and Governance, and Project Officer of RISE, summarized that public awareness of biometrics technologies should be raised, to ensure more effective protection of personal privacy and biometrics data. Without adequate measures to protect the biometric profile of an individual, no widespread scheme to utilize biometric data would be successful. This necessitates further research into ensuring the safety of biometric data, and researchers must take up this challenge with priority. Mr. John Kropf, from the Department of Homeland Security, USA, concluded that the challenges of using biometrics versus privacy intrusion and human rights violation are world-wide, and that to address these issues authorities would need world-wide collaboration, dialogue among different communities and communication among various domains of expertise ranging from bureaucrats to research scientists.

The proceedings of this conference were published as post-conference proceedings by Springer, Lecture Notes in Computer Science, LNCS 6005. The authors of each of the accepted papers were given ten additional days following the conference to submit a revised version of their papers incorporating the comments and feedback received during the conference. The Third International Conference on Ethics and Policy of Biometrics and International Data Sharing witnessed wide consensus on designating biometric data as sensitive. The conference debates also outlined the need to bring more public awareness to the need for higher privacy and security controls in popular social networking websites. In summary, this conference was highly successful in raising awareness of the ethics and policy of biometrics and was a significant step forward in developing consensus, collaborations and understanding on ethical, medical, legal, social, cultural and political issues among researchers, policymakers, consumers and privacy groups, which usually address these issues from different perspectives.


V. Call for Papers


VI. Abstracts and Biographies

Opening Session

09:00 – 09:10 Hon. Samson Tam, JP, Legislative Councillor (Information Technology Functional Constituency)

Biography: Samson Tam is a home-grown IT man with an international orientation, with a bachelor degree from CUHK and a doctorate from Hong Kong Polytechnic. He was bitten early by the business bug. In 1989, at age 24, he successfully launched his first invention. By 1993, Tam’s company, with him as Chairman, was listed on the Stock Exchange of Hong Kong. It now counts iconic multinationals among its blue-chip clients. Tam himself was named one of the “Ten Outstanding Young Persons” in year 1997.

Tam takes his civic duties seriously, serving bodies both within and without the IT industry. He is currently Deputy Chairman of the HKPC. Previously, he also sat on the government’s Commission on Strategic Development. He represented the Information Technology Sub-sector in the 2006 Hong Kong Chief Executive Election Committee. He is a member of VTC’s Information Technology Training and Development Committee, the Digital 21 Strategy Advisory Committee and the Small and Medium Enterprises Committee.

He knows that creativity is the essence of the IT industry. Nurturing creative entrepreneurship keeps the industry growing. He has been willing to participate in angel investments to help out local budding IT entrepreneurs.

In June 2008, in recognition of his service and leadership in technology and the community, Tam was awarded an Honorary Fellowship by HKUST, the leading technological university in Asia. He was successfully elected as the Legislative Councillor (ITFC) in September 2008.

09:10 – 09:20 Emilio Mordini RISE Project Coordinator, Centre for Science, Society and Citizenship, Rome, Italy

Biography: Dr. Mordini is an M.D. from the University “La Sapienza” of Rome, and an M.A. in Philosophy from the Pontifical University “S. Thoma” of Rome. Since March 2002 he has been managing director of the Centre for Science, Society and Citizenship (CSSC), an independent, interdisciplinary research centre that addresses ethical and policy issues in healthcare and biomedical research. Emilio Mordini is a certified scientific expert of the Italian Ministry of Education, University and Research.

Dr. Mordini is a practising psychiatrist (sub-specialized in psychodynamic psychotherapy) and he is an ordinary member of the Italian Association of Psychiatry. Since 1996 he has been a member of the Bioethical Commission of the National Research Council (CNR), where he currently serves as scientific secretary. He is also a member of the Bioethical Commission of the Medical Association of Rome. He is coordinator (together with KWM Fulford) of the Psychiatric Network of the International Association of Bioethics, and a member of the executive council of the Association for the Advancement of Psychiatry and Philosophy (AAPP).

Dr. Mordini has coordinated various research projects in bioethics both at Italian and European level, among which “Brain Elsa: ethical, legal, and social aspects of brain research”, “EURO ELSAV: ethical, legal and social aspects of vaccine research and vaccination policies in Europe”, and “Big – Bioethical Implication of Globalisation Processes”. He is past treasurer and past secretary of the European Association of Centres of Medical Ethics (EACME). He has also served as a member of the board of directors of the International Association of Bioethics (IAB).


09:20 – 09:30 Alex Wai Dean of Engineering, The Hong Kong Polytechnic University, Hong Kong

Biography: Prof. P. K. Alex Wai received the Bachelor of Science (Hons) degree with first class honours from the University of Hong Kong in 1981, and the M.S. and Ph.D. degrees from the University of Maryland, College Park, USA, in 1985 and 1988, respectively. In 1988 he joined Science Applications International Corporation in McLean, VA, where he worked as a Research Scientist on the Tethered Satellite System project. In 1990 he became a Research Associate in the EE Department of the University of Maryland, Baltimore County, USA. In 1996 he joined the Department of Electronic Engineering, Hong Kong Polytechnic University as an Assistant Professor; in 1997 he became Associate Professor; in 2002 he became Professor and Head of the Department; and in 2005 he became Chair Professor of Optical Communications and Dean of Faculty of Engineering.

His research interests include theory of solitons, modeling of fiber lasers, simulations of integrated optical devices, long distance fiber optic communications, and neural networks. Prof. Wai is an active contributor to the technical field, having over 80 international publications. He is a reviewer for many international journals and was an invited speaker in international conferences. Prof. Wai is a member of Optical Society of America and a Senior member of IEEE.

Session A

11:00 – 11:20 Nataša Pirc Musar Information Commissioner of the Republic of Slovenia

The Dangers of Electronic Traces: Data Protection Challenges Presented by New Technologies

Abstract: Modern IT technologies are more and more invasive for people’s privacy. E-ticketing involves processing of a significant amount of personal data at the time the cards are issued to users and every time the card is used. Personal data is being processed thanks to the identifiers that are associated with every subscriber and collected by the validation devices to be subsequently stored in the databases of transport companies. Biometric data always refers to an identified or at least identifiable person. And even when stored electronically in the form of a template it is still personal data, as it is not impossible to identify an individual. In terms of data protection rules applicability to online marketing practices, a common misconception and the position usually held by the industry is that the processed data is anonymized due to the fact that the IP address is removed and supplemented by a unique identifier to differentiate between different users. Data Protection Authorities in Europe claim that the data collected and processed in the course of behavioural advertising definitely represents personal data, as its core purpose is to differentiate between users.

Biography: Nataša Pirc Musar was born in 1968 in Ljubljana. After graduating from the Faculty of Law in Ljubljana in 1992, she passed the bar examination in 1997. After completing her studies she was employed for six years at the Slovenian national television as a journalist and news presenter of the main news TV Dnevnik. Subsequently, she worked for five years as news presenter on “24 ur”, the central information programme of the largest commercial television broadcaster in Slovenia, POP TV.

She gained additional experience in journalism at CNN, and attended the Media Department of the Salford University in Manchester in the UK for two semesters. During her studies she did her professional practice at BBC, Granada TV, Sky News, Reuters TV and Border TV.


She has also contributed newspaper articles and worked on radio. Striving for new knowledge, she moved in 2001 to the financial sector where she joined the largest Slovenian private financial corporation Aktiva Group as a Head of Corporate Communications. In April 2003 she became Director of Training and Communications Centre at the Supreme Court of the Republic of Slovenia. On July 15th, 2004, she was elected in the National Assembly to become the second Slovenian Commissioner for Access to Public Information. She was nominated by the President of the Republic of Slovenia. From December 31, 2005 onwards, when the Office of the Commissioner for Access to Public Information merged with the Inspectorate for Personal Data Protection, Nataša Pirc Musar performs her function as an Information Commissioner and is fluent in Croatian/Serbian and English.

11:20 – 11:40 Bénédicte Havelange European Data Protection Supervisor, Brussels

Data Protection in Post Lisbon EU

Abstract: The Lisbon Treaty just entered into force and will change profoundly the institutional and legal landscape in Europe. In the context of biometrics, I will discuss the outstanding issues and the role of the European Data Protection Supervisor. My talk will extensively discuss the impact of the Lisbon Treaty on the development of an EU area of Freedom, Security and Justice.

Biography: Bénédicte Havelange works for the Policy and Information Unit of the European Data Protection Supervisor; she is coordinator of the EDPS' activities related to EU large-scale IT systems and to border management/immigration/asylum issues. Before her appointment at the EDPS, she worked for the Belgian Data Protection Authority as a legal officer and later as the Secretary-General. She represented the DPA in several international fora such as the Joint Supervisory Authorities of Schengen, Europol and CIS or the Article 29 Working Party. Her main tasks at the EDPS are organising the coordinated supervision of Eurodac (EU database on asylum seekers), drafting legal opinions on EU legislative proposals, providing advice on EDPS policy, and following up on the development of new EU large-scale IT systems (i.e. SIS II, Visa Information System, Customs Information System).

11:40 – 12:00 John Kropf Deputy Chief Privacy Officer, Department of Homeland Security, USA

The Crossroads of Privacy and Biometrics

Abstract: Three-part presentation intended to provide an overview of the Department of Homeland Security biometric systems and how they incorporate privacy protections. The presentation will summarize the basic privacy framework used by DHS. Part three of the presentation reports on developments in biometrics between governments.

Biography: John W. Kropf serves as the Deputy Chief Privacy Officer and Senior Adviser for International Privacy Policy in the Privacy Office with the DHS. He serves as a key adviser to DHS's Chief Privacy Officer and other DHS leadership on issues related to compliance with privacy laws, DHS policies, programs and agreements that adhere to fair information principles as well as chief operation officer and policy strategist for the Privacy Office. Kropf also oversees the Office’s international privacy work and has represented the Department on U.S. Government delegations to the OECD, APEC and served as adviser to various international negotiations. Before joining DHS, Kropf worked for ten years as an international lawyer with the U.S. Department of State in the Office of the Legal Adviser. He also served two years with the American Embassy in Turkmenistan where he served as Country Director for USAID. He began his federal career as an attorney with the U.S. Department of Justice Honors Program. Kropf earned his law degree and a Masters of Public and International Affairs from the University of Pittsburgh. He is a member of the bars of Pennsylvania and the District of Columbia. He has published numerous articles on global privacy issues.

12:00 – 12:20 Stan Li Chinese Academy of Sciences, Beijing, China

Biometrics in China: Trends, Opportunities, Challenges

Abstract: In this talk, China's national facts related to biometrics are reported and governmental and research organizations are introduced, followed by a presentation of recent advances in biometrics R&D and significant deployments of biometrics applications. Situations of biometric standardization and privacy concerns are reported and discussed.

Biography: Stan Li received the PhD degree from Surrey University, UK. He is currently a professor at National Laboratory of Pattern Recognition (NLPR), the director of Center for Biometrics and Security Research (CBSR), Institute of Automation, Chinese Academy of Sciences (CASIA); and co-director of Joint Laboratory for Intelligent Surveillance and Identification in Civil Aviation (CASIA-CAUC). He worked at Microsoft Research Asia as a researcher from 2000 to 2004. Prior to that, he was an associate professor at Nanyang Technological University, Singapore.

His research interests include pattern recognition and machine learning, image and vision processing, face recognition, biometrics, and intelligent video surveillance. He has published over 200 papers in international journals and conferences, and authored and edited 5 books including "Markov Random Field Modeling in Image Analysis" (Springer, 1st edition in 1995 and 2nd edition in 2001). He is currently an associate editor of IEEE Transactions on Pattern Analysis and Machine Intelligence and has been actively participating in organizing a number of international conferences and workshops in the fields of his research interest.

Stan Li is an expert in face recognition, biometrics and intelligent video surveillance. The Eye-CU face recognition system he developed at Microsoft Research Asia was demonstrated by Bill Gates in a CNN interview. He has been leading several national and international collaboration projects in biometrics and intelligent video surveillance. The AuthenMetric face recognition system and intelligent video surveillance system have been deployed in many applications. He acted as the program chair for the Asian Biometrics Forum 2006 and a co-chair for the International Conference on Biometrics 2007. He delivered a speech on Biometrics in China, on behalf of the China National Body, at the 2006 ISO/IEC JTC1 SC37 meeting in London. He co-edited Handbook of Face Recognition (Springer, 2005), and is acting as editor-in-chief for Encyclopedia of Biometric Recognition (Springer, to be published 2008).

Session B

14:00 – 14:20 Helen Chan Hong Kong Immigration Department, Hong Kong

Deployment of Biometrics and Challenges

Abstract: Speedy and accurate identity verification is a common requirement for performing various functions of the Immigration Department effectively. The presentation will share with the audience how the Department makes use of biometrics technology to enhance the security of the identity card and the travel documents as well as to improve the services delivered to the public.


Biography: Dr. Helen Chan joined the Immigration Service in 1982 as an Assistant Immigration Officer. She was promoted to Chief Immigration Officer in 1998, Assistant Principal Immigration Officer in 2001, Principal Immigration Officer in 2002 and Assistant Director in 2006.

Dr. Chan had vast experience in immigration work, including the issue of documents to Hong Kong residents, the planning and implementation of large-scale computer systems in the Immigration Department, lobbying for visa-free arrangements for Hong Kong Special Administrative Region passport holders to other countries, and visa and policies related work.

14:20 – 14:40 Alessandro Acquisti Carnegie Mellon University, USA

Of Frogs and Herds: Behavioral Economics, Malleable Privacy Valuations, and Context-dependent Willingness to Divulge Personal Information

Abstract: The results of a number of experiments investigating privacy valuations and decision making through the lenses of behavioral economics will be reported. Contrary to the assumption in much social science that people have stable, coherent preferences with respect to personal privacy, we find that privacy valuations measured by willingness to trade-off personal information for monetary rewards and concerns about privacy measured by divulgence of private information are highly sensitive to contextual factors. Results from a number of experiments will be reported, one of which was designed to measure individual willingness to pay to protect and willingness to accept to divulge personal data; while others were designed to elicit or to suppress privacy concerns. This research raises questions about whether individuals are able to navigate in a self-interested fashion increasingly complex issues of privacy.

Biography: Alessandro Acquisti is Professor of Information Technology and Public Policy at the Heinz College, Carnegie Mellon University, a member of Carnegie Mellon CyLab, and a fellow of the Ponemon Institute. His research investigates the economics, and behavioral economics, of privacy and information security, as well as privacy in online social networks. Alessandro has been the recipient of the PET Award for Outstanding Research in Privacy Enhancing Technologies and the IBM Best Academic Privacy Faculty Award. His discovery of the predictability of Social Security numbers made headlines in US and international newspapers in July 2009, and was featured in the “Year in Ideas” issue of the New York Times Magazine. Alessandro’s research has been disseminated through journals (including the Proceedings of the National Academy of Science, Marketing Science, Marketing Letters, Information Systems Research, IEEE Security & Privacy, Journal of Comparative Economics); edited books and book chapters; and leading international conference proceedings and keynotes. His findings have been repeatedly featured in media outlets such as NPR, the New York Times, the Wall Street Journal, the Washington Post, the New Scientist, MSNBC.com, Wired.com, NBC, CNN, and Fox News. He holds a PhD from UC Berkeley and Masters from UC Berkeley, London School of Economics, and Trinity College Dublin.

14:40 – 15:00 Tim Parker The University of Hong Kong, Hong Kong

Are We Protected? The Adequacy of Existing Legal Frameworks for Protecting Privacy in the Biometric Age

Abstract: The creation of a record containing biometric data would, in most legal systems, engage laws governing when, how and by whom that record may be accessed, stored, copied, destroyed, etc. However, there remain grave concerns amongst privacy advocates that existing privacy laws – which in many jurisdictions are general or 'principle-based' in nature – are insufficient to protect the individual from specific and distinct threats to privacy said to attach to biometric data. This talk will analyse the legal properties intrinsic to biometric data as against other established categories of protected data. The survey is cross-jurisdictional, with emphasis upon the laws of the Hong Kong SAR and the People's Republic of China.

Biography: Hailing originally from Australia, Tim has been based in Hong Kong for the past 10 years. Tim is a practicing Barrister in Hong Kong, with Denis Chang S.C.’s Chambers. His practice deals predominantly with public law and international law litigation and advice, including in particular: immigration law, human rights and refugee law.

Tim also teaches at the University of Hong Kong, providing instruction on public international law, international humanitarian law, human rights law, and advocacy. He holds a Bachelor of Arts degree (with a major in Chinese Studies) from the University of Melbourne, and a Bachelor of Laws and Postgraduate Certificate in Laws from the University of Hong Kong.

15:00 – 15:20 H. Raghav Rao State University of New York, University at Buffalo, USA

The Unique Identification Number Project: Challenges and Recommendations

Abstract: This paper elucidates the social, ethical, cultural, technical, and legal implications / challenges around the implementation of a biometric based unique identification (UID) number project. The Indian government has undertaken a huge effort to issue UID numbers to its residents. Apart from possible challenges that are expected in the implementation of UID, the paper also draws parallels from Social Security Number system in the US. We discuss the setbacks of using the Social Security Number as a unique identifier and how to avoid them with the system being proposed in India. We discuss the various biometric techniques used and a few recommendations associated with the use of biometrics.

Biography: Professor Rao graduated from Krannert Graduate School of Management at Purdue University. His interests are in the areas of management information systems, decision support systems, e-business, emergency response management systems and information assurance. He has chaired sessions at international conferences and presented numerous papers. He also has co-edited four books of which one is on Information Assurance in Financial Services. He has authored or co-authored more than 175 technical papers, of which more than 100 are published in archival journals. His work has received best paper and best paper runner up awards at AMCIS and ICIS. Dr. Rao has received funding for his research from the National Science Foundation, the Department of Defense and the Canadian Embassy and he has received the University's prestigious Teaching Fellowship. He has also received the Fulbright fellowship in 2004. He is a co-editor of a special issue of The Annals of Operations Research, the Communications of ACM, associate editor of Decision Support Systems, Information Systems Research and IEEE Transactions in Systems, Man and Cybernetics, and co-Editor-in-Chief of Information Systems Frontiers. Dr. Rao also has a courtesy appointment with Computer Science and Engineering as adjunct Professor. Professor Rao's PhD students have placed at Sogang U, UNCG, ASU, USF, FAU, MSU, OKState, FSU, PennState and others. Professor Rao teaches Information assurance, Networks and e-commerce. Prof Rao is also the recipient of the 2007 State University of New York Chancellor's award for excellence in scholarship and creative activities.

Session C

16:00 – 16:20 Massimo Tistarelli Università di Sassari, Alghero, Italy

Human Face Analysis: from Identity to Emotion and Intention Recognition


Abstract: Face recognition is the most natural means of recognition by humans. At the same time, images (and videos) of human faces can be captured without the user’s awareness. The entertainment media and science fiction have greatly contributed to shaping the public view of these technologies, most of the time exaggerating the potential impact on one’s privacy. Even though face images can be acquired, in any place, with hidden cameras, it is also true that face recognition technology is not dangerous per se. Rather, whenever properly deployed, it can result in the protection of the citizens and also enhance the user convenience.

Face recognition today has achieved a quite high performance rate and most of the problems hindering the use of this technology have now been solved. Faces can be analyzed and characterized on the basis of several features. Then, a face can be tagged with several properties, not only the bearer’s identity, but also his gender, approximate age and possible familiarity with others. Moreover, the analysis of the facial expression may also lead to understanding the mood, maybe the emotional state and intentions of the analyzed subject. May this lead to a “Big Brother scenario”? Is this technology going to hinder a person’s freedom or privacy? These questions are still to be answered and mostly depend on tomorrow’s good use of this emerging technology. As for today, many scenarios can be envisaged where face recognition technologies can be fruitfully applied. Among them, the border control at airports and other ports of entry are just the most addressed in the recent past. Other applications still exist which have been overlooked and are yet worth a more extensive study and deployment from both the Academia and Industry.

Biography: Massimo Tistarelli was born on November 11, 1962 in Genoa, Italy. He received a degree in Electronic Engineering from the University of Genoa, Italy in 1987 and the PhD in Computer Science and Robotics in 1991 from the same university. Since 1986 he has been involved as project coordinator and task manager in several projects on computer vision and image analysis funded by the European Community.

During 1986, 1991 and 1996 he visited the Department of Computer Science, Trinity College, Dublin, Ireland, developing methodologies aimed at the investigation of low-level visual processes. In 1989 he was a visiting scientist at Thinking Machines Co. and MIT in Cambridge, Massachusetts, developing parallel algorithms for dynamic image processing on the Connection Machine system. Since 1994 he has been the director of the Computer Vision Laboratory at the Department of Communication, Computer and Systems Science of the University of Genoa, leading several national and European projects on computer vision applications and image-based biometrics.

His main research interests cover biological and artificial vision (particularly in the area of recognition and dynamic scene analysis), biometrics, robotic navigation and visuo-motor coordination. He is the author of more than 80 papers in scientific conferences and international journals. In 2000 he was the chairman for the International workshop on "Advances in Facial Image Analysis and Recognition Technology," in 2002 for the International workshop on “Biometric Authentication” and in 2007 for the fifth Int. Workshop on Automatic Identification Advanced Technologies. Prof. Tistarelli is the general chairman for the 3rd Int. Conference on Biometrics. He was associate editor for the journal Image and Vision Computing. Since 2003 he has been the director for the International Summer School for Advanced Studies in Biometrics held in Alghero, Italy. Massimo Tistarelli is currently Full Professor in Computer Science at the Department of Architecture and Planning at the University of Sassari, Italy. He is a fellow member of IAPR and a senior member of IEEE.

16:20 – 16:40 Richa Singh IIIT Delhi, New Delhi, India

Face Recognition and Plastic Surgery: Social, Ethical and Engineering Challenges

Abstract: Face recognition systems have engrossed much attention and have been applied in various domains, primarily for surveillance, security, access control and law enforcement. In recent years much advancement has been made in face recognition techniques to cater to the challenges such as pose, expression, illumination, aging and disguise. However, due to advances in technology, there are new emerging challenges for which the performance of face recognition systems degrades and plastic/cosmetic surgery is one of them. In this paper we comment on the effect of plastic surgery on face recognition algorithms and various social, ethical and engineering challenges associated with it.

Biography: Richa Singh received her M.S. and PhD degrees in Computer Science in 2005 and 2008 respectively from the Lane Department of Computer Science and Electrical Engineering at West Virginia University. She has over 80 research publications in refereed journals, book chapters, and conferences and is the recipient of five best paper awards. She is a member of the IEEE, Computer Society, ACM, Golden Key International, Phi Kappa Phi, Tau Beta Pi, Upsilon Pi Epsilon, and Eta Kappa Nu honor societies.

She is also a member of the Indian Biometrics Standards Committee and the United States ANSI/NIST Committee to Define an Extended Fingerprint Feature Set. Her current areas of interest are pattern recognition, image processing, machine learning, granular computing, and biometric authentication.

16:40 – 17:00 Chi-Shing Chen National ChengChi University, Taiwan

Biometrics Governance: H1N1 as a Case Study

Abstract: From a legal point of view, governance has specific meaning in the context of bottom up and dialogical approach to regulation instead of top down, command and control. H1N1, like previous SARS, poses great threat to public safety. There are already hospital applications, using RFID and biometrics to manage and track people who have viruses that are dangerous to others. But it is not a technological issue alone; more technological innovation may be developed and at the same time without hurting personal right if different disciplines can communicate effectively to build best practices to respond to the public safety crisis. In this talk, I will discuss and propose an interdisciplinary (technological, legal, medical/ethical, and administrative) dialogical approach through an internet governance web to have a better and more effective responsive scheme toward H1N1 and future virus threatening public safety. Current legal framework is not adequate enough to develop such an integrated response mechanism and will also be discussed.

Biography: Professor Chi-Shing Chen received his S.J.D. from the University of California, Berkeley. He is specialized in History of Western Jurisprudence, Introduction to the Study of Law, Information Technology and Literacy, Law and Information.

Session D

17:00 – 17:20 Stephen Mak Deputy Government Chief Information Officer, Hong Kong Information, Security and Privacy

Abstract: Biometrics is increasingly taking on expanded meanings and contexts. It has certainly gone way beyond the traditional boundaries of application in identity management. The traditional capture of biometric data is more explicit and usually on a larger scale. With the advent of the explosive use of the Internet, social networking/engineering, remote sensing, wearable computers, etc., devices and machines that themselves can perform biometric-like functions are opening up new applications on the one hand, and creating new issues on security, privacy and ethics on the other. In the foreseeable future, further major developments in information and communications technology (ICT) and associated service platforms will add to the complexity of addressing these issues, especially when the responsibilities for these issues are being changed, or even lost in transit. With the emerging business models in the ICT industry like “cloud computing” and “anything as a service” that offer users easy-to-acquire and flexible-to-expand services in more dynamic ways, it is necessary to consider the security, privacy and ethical issues in many more combinations than would have been required in the past. By the same token, in considering public policies and regulatory frameworks that touch upon these issues, it is also important that we recognize the evolving and even amorphous nature of the issues, and do not consider them as part of a zero-sum game such that something is achieved only at the expense of another. Prudent and proper use of biometrics is compatible with Hong Kong’s policy and strategy on technological innovation, security and respect for privacy. We encourage innovators, entrepreneurs, vendors, regulators and governments to collaborate in striking a balance in the effective use and deployment of biometrics.

Biography: Stephen Mak is the Deputy Government Chief Information Officer (Operation) of the Hong Kong Special Administrative Region Government. The Office of the Government Chief Information Officer (OGCIO) is responsible for formulating policies and strategies and implementing measures to drive IT development in Hong Kong. Mr. Mak is responsible for IT industry development policy and strategy, including cooperation with the Mainland and countries that have ICT collaboration agreements with Hong Kong. He also directs the provision of programme management and application integration services; IT infrastructure and security, technology management and sourcing; standards and IT security policy; IT manpower and professional development; and programmes to facilitate the development of the local IT industry, promote the adoption of e-business and bridge the digital divide.

Mr. Mak has 35 years of experience in the IT field. He joined the Hong Kong Government in 1975 and has since held a number of IT strategic planning, programme and technology management, professional services and corporate management positions. He holds an MBA degree from the Chinese University of Hong Kong, and is a Chartered Engineer and a Chartered Information Technology Professional.

17:20 – 17:40 Margit Sutrop University of Tartu, Estonia Topic: Ethical Issues in Governing Biometric Technologies – How to Maintain Public Trust?

Abstract: Public discussion on the ethical issues of biometrics has been lacking so far. Such discussion is mandatory, as authentic public trust depends on the information and understanding of the issues at stake. As biometric technologies are based on measurements of physiological or behavioral characteristics of the human body, biometrics raises a host of ethical concerns such as protection of privacy, autonomy, and bodily integrity, risk of social exclusion, etc. Most of these concerns seem to be more or less similar to the questions raised by the ethics of technology in general. On the other hand, biometrics is considered to be one of the most significant examples of how complex it is to match individual and collective needs and values.

In the first part of the paper it will be asked whether there are any specific ethical issues raised by the development and use of biometric technologies. In the second part of the paper it will be asked how standard ethical questions are changed by biometric technologies and whether these technologies require new ethical frameworks.

Biography: Margit Sutrop is a Professor of Practical Philosophy, Head of the Institute for Philosophy and Semiotics and the founding Director of the interdisciplinary Centre for Ethics at Tartu University. She has published widely on aesthetics, moral and political philosophy, bioethics, and ethics of technology. Her current research interests are value pluralism, moral motivation, and ethical issues of new technologies. She is the author of “Fiction and Imagination. The Anthropological Function of Literature” (Paderborn: Mentis, 2000) and editor of 10 books. She has been guest editor of a special issue of Bioethics (vol. 18, 2004) on pharmacogenetics and of Trames (vol. 8, 2004) on the ethical, legal and social issues of human genetic databases. She has coordinated numerous national (10 grants) and international (8 grants) R&D projects. She is member of the Estonian President’s Advisory Board, member of the Estonian Council of Bioethics, member of the Clinical Ethics Committee of Tartu University Clinic, member of the Council of the Academia Europaea, of the European Commission’s Advisory Board for Humanities in the 7th FP and an independent ethical expert of the European Commission.

Session E

10:00 – 10:20 Wing On Chan, Francis Superintendent of Police, Hong Kong Police Force, Hong Kong Biometrics: The Hope or Gloom to Crime and Identity?

Abstract: While eye-witness was perhaps the only lead to crime detection in ancient times, social and technological progression enabled a huge leap from visual identification, physical, biological, biochemical to biotechnological identification. What lies the future in biometrics? What about cyber identity? What are the challenges and opportunities they are bringing towards identity and crime?

Biography: Chan Wing On, Francis, has extensive service and expertise with the Hong Kong Police Force in the realm of criminal investigation, intelligence-led policing, cybercrime and information security. His proactive and insightful policing style earned him recognitions whether he was bashing the triad groups, dissolving organized swindlers or eliminating security threats. His policing experience spans from the Regional Anti-Triad Unit, Organized Crime and Triad Bureau, Technology Crime Division, and currently Information Systems Wing. Francis will present, from the angle of crime busters, whether biometrics is the hope or could be the gloom to future crime situations and in particular the issue on identity and crime.

10:20 – 10:40 Kim Legg General Secretariat, INTERPOL, Lyon, France International Fingerprint and DNA Exchange Using INTERPOL

Abstract: INTERPOL is the world's largest international police organization, with 188 member countries. INTERPOL has international fingerprint and DNA databases and encourages member countries to utilize these by submitting fingerprints and DNA profiles from non nationals including those from crime scenes. The presentation, hopefully, will demonstrate the need for sharing of such data.

Biography: Ms Kim Legg is a fingerprint examiner and currently works with INTERPOL, based in France.

10:40 – 11:00 Elazar Zadok Former Director, Identification and Forensic Science Division, Israel Legislative and Ethical Questions Regarding Forensic 'Biometric' Databases

Abstract: Forensic Science is gaining more importance in criminal justice, since the development of new sensitive and accurate scientific tools, and the construction of large computerized databases. Although very effective, these databases pose a lot of legislative and ethical concerns. In the case of DNA, concerns are deeper since it contains sensitive genetic information regarding its owner, not necessarily needed for his identification. This paper focuses on issues related to the collection, utilization and retention of DNA samples and profiles of legally innocent populations, illustrated by a case study where a voluntarily given DNA sample for a murder investigation successfully solved three non related rape cases.

Biography: Elazar (Azi) Zadok got his Ph.D. in organic chemistry from the Weizmann Institute of Science in Rehovot, Israel in 1983. He served in different senior scientific positions in the Israeli Defense Forces (IDF) and the Israeli chemical industries. During the years 2000-2007 he was the Director of the Division of Identification and Forensic Science (DIFS) of the Israel National Police, ranking Brigadier General. He was deeply involved in the legislation and the establishment processes of the Israeli National Forensic DNA Database, becoming operational early in 2006. He also led the process of accreditation of the National Forensic Labs. He is now retired, serving as consultant for forensic services construction in developing countries, and is still active in lecturing on legislative and ethical perspectives of forensic databases.

Session F

11:20 – 11:40 Raymond Wong Visiting Professor, Jiaotong University, Shanghai, China ABCD of BI

Abstract: Biometrics is not something new. Applying biometrics for identification purposes has long existed for centuries. One interesting question is whether biometrics should be taken for identification purposes or biometrics should be adopted as cogent means for identity, hence the biometric identity. The former tells you the identity of a person which may be false while the latter attempts to impress that a particular identity is unique and trustworthy. There is a subtle difference between the two. To bridge this gap of the two, a convincing method should be in place. Raymond will explain his concept of ABCD for this purpose.

Biography: Raymond served the Hong Kong Immigration Department over 35 years, 25 years of which were related with information technology and identification documents. Heading the Information System Branch of the Department, he was the CIO cum CTO of the Department from 2002 till 2007 when he retired.

He was involved in all major computer systems and personal document projects of the Hong Kong Immigration Department from 1980’s until his retirement. Being the master mind, helmsman and lead engineer in implementing the 32 projects of the Second Information Systems Strategy from 1999 till 2007, he had delivered high quality and award winning systems for the Department. These include, inter alia, the Smart Identity Card Information System, the Control Point System, the Face Recognition System, the e-channel systems and the e-passport system.

He received two Bachelor’s degrees of Laws in China and UK respectively and has been awarded five Master’s degrees in Comparative Law, Chinese Laws, Management, Information Systems and Business Administration from universities in U.K., Hong Kong and China. He also holds a Doctor’s degree in Business Administration from University of Newcastle, Australia.

Raymond was awarded the ID People Awards (Honorable Mention) in the ID World International Congress, Milan in November 2006. He was selected the Hong Kong Computer Society Outstanding IT Achiever Awards 2008: IT Leadership Award in early 2009. He has been appointed to be member of the Editorial Board of the Keesing Journal of Documents and Identity since 2009.

11:40 – 12:00 Ho Chang BioID AG, Switzerland Privacy and Data Protection for Social Networks

Biography: Ho Chang, founder of the BioID AG, has been CEO and Chairman of the Board since the inception of the company. BioID AG is a leading Swiss company in multimodal biometrics with its R&D facilities based in Germany. Mr. Chang has been in the industry since 1981. Despite his involvement in the industry, Mr. Chang is an advocate of Bioethics and has been a regular speaker and participant for various events such as BITE (Biometric Identification Technology Ethics) conference, conferences and workshops organized by EU on Ethical and Social Implications of Biometric Identification Technology, Asia Biometric Workgroup etc. as well as a guest speaker on biometrics at various institutes. Mr. Chang graduated from the University of Toronto in Mathematics and Computer Science and has worked for companies such as Hewlett-Packard and Northern Technologies in Canada.

12:00 – 12:20 Vinayak Godse The Data Security Council of India, India Building a New Ecosystem for Cyber Security and Data Protection

Abstract: Expanding cyber security threats, evolution of cyber terrorism, rapid cyber crime investigation requirements, increasing awareness of security of personal data gathered by organizations, data protection requirements of Indian IT/BPO companies serving global clients and increased security requirements for expanding e-governance and e-commerce demand a national level security ecosystem. This should be supported by government initiatives, strong legal framework, and effective law enforcement. Industry, on the other hand, should share this responsibility by deploying competent solutions at their end, and partner with government in its endeavour to build the capacity.

IT (Amendment) Act, 2008 enacted by Government of India, operational since 27th Oct 2009, offers a strong lever to “address all contemporary cyber security challenges” and promises establishing a “strong data protection regime” in India. Measures such as passing investigation power to a lower level officer and setting up of the cyber appellate tribunal will ensure speedier trial of cyber crimes. On the one hand, it introduces the concept of “sensitive personal information”, and liability of the ‘body corporate’ to protect the information, and on the other hand, it fixes the liability of individual for breach of confidentiality and privacy. This will go a long way for establishing a strong data protection regime in India, and certainly boost the confidence of global clients who are sending their data as a part of outsourcing to Indian IT/BPO companies.

The strengthened role of CERT-In will contribute to improvement of security of critical infrastructure. Government’s policy initiative on encryption will provide the necessary impetus to the growth of e-commerce and e-governance. Government is also increasingly investing towards the cause of cyber security, which includes nationwide awareness initiatives, taking cyber safety messages to community, home users and the most vulnerable population like students. A key initiative of providing unique identity would significantly add reliability and security of transactions. The UIDAI project will contribute to limit the identity threats that are posing significant challenges to increasing internet transactions. Law Enforcement bodies are gearing up to these new challenges, upgrading their skills and building their competencies. Industry is also partnering with Law Enforcement bodies in their effort of building competencies.


Industry, on the other hand, is extending its support, working closely with government, and collectively contributing to build “strong National Security Ecosystem”. An industry initiative, Data Security Council of India, has been set up to focus on security and data protection to promote India as a trustworthy outsourcing destination. On the one hand, it works closely with government in its policy enablement, and, on the other hand, it collaborates with international institutes and bodies that are working for the same cause. Being a leader in IT/ITES services, many companies are now augmenting security capabilities. Security has been seen as a key interest of industry and academia; many security organizations flourished in recent past that are contributing to building the ecosystem. This session will review how the different forces in India are working together to create and strengthen the security ecosystem.

Biography: Mr. Vinayak Godse holds a BE (Electronics), and is Certified Information Security Manager (CISM), a certification conducted by Information System and Control Association (ISACA).

He is currently working as a Senior Manager, Security Practices with Data Security Council of India (DSCI). Vinayak Godse is managing a program for defining data security and privacy practices, based on which self regulation mechanism will be established. Along with this program he is also engaged in DSCI outreach program at national and international platforms for establishing collaboration with different legal and regulatory bodies, data protection authorities, global clients and outsource service providers of all categories including small and medium players.

Godse is working closely with Department of Information Technology (DIT), Govt of India, on cyber security initiatives, security and privacy surveys and making of rules for IT Act. Vinayak Godse has 14 years of experience in Information Security, IT Transformation, Telecom Switching Infrastructure, Intelligent Networking and Broadband Infrastructure.

Prior to joining DSCI, he was working with Global Consulting Practice of Tata Consultancy Services (TCS) as a Consultant, Information Risk Management. Under the consulting wing of TCS, he executed different security consulting engagements for different clients across the globe and in different industry domains. Prior to TCS, Godse was working with a public sector telecom service provider in India, where he got an exposure to telecom infrastructure, intelligent networking and Internet backbone infrastructure.

12:20 – 12:40 Nicolas Delvaux Sagem Sécurité Protected biometrics for Identity Trust

Abstract: Biometrics is more and more deployed as the trusted mechanisms to establish a link between an individual and an identity attributed by any identity provider. The aim of the presentation is to show the necessity to protect biometrics sample. Indeed, mass deployment of biometrics aims to fight against identity usurpation. The mass deployment must be associated with appropriate measure to ensure that biometrics modalities are preserved against attacks. Mechanisms are legal and technical. Mixed approach to protect biometrics information is the method to trust new identity management approach.

Biography: Nicolas obtained his engineering degree cum laude from Université Catholique de Louvain in 1988. Nicolas is a technical expert who will participate in several research projects. At Sagem since 1992, Nicolas has solid experience in R&D projects. He worked in the telecommunication field and contributed to the emergence of GSM-R. Since 2002, Nicolas has been working in the biometric domain. Nicolas is coordinating research efforts of TURBINE (http://www.turbine-project.org). Nicolas has been participating for a long time in standardisation efforts on the ISO sub-committee dedicated to biometrics: head of the French delegation to ISO/IEC JTC1 SC37, chairman of the Biometric Focus Group at CEN, chairman of the Biometrics committee at AFNOR.


VII. Media Coverage

The Third International Conference on Ethics and Policy of Biometrics and International Data Sharing received wide media coverage and publicity from regional Chinese media as well as the international media. The public media coverage was extensive, and both newspapers and electronic media showcased this event to their readerships and viewership. Amongst the newspapers which covered this event were Ming Pao, The Hong Kong Standard and The Oriental Daily, while the electronic media coverage was done by Radio Television Hong Kong (RTHK) and Television Broadcast Limited (TVB) amongst others. The conference received greater online coverage as well, creating a buzz on the web and initiating discussions. News of this conference was posted on prominent news sites, forums, and highly influential blogs related to biometrics such as Silobreaker.com, LeScienze Web News, Findbiometrics.com, Asia Research News, European Biometrics Forum and TechBiometrics.com.

Samples from the media coverage in Newspapers and Websites

1. Biometrics Security News and Information http://biometricnews.typepad.com/biometric_news_and_inform/2010/01/lets-see-the-substance.html

2. Le Scienze Web News http://www.lswn.it/en/press_releases/2009/conference_on_ethics_biometrics_policy_and_international_data_sharing

3. European Biometrics Forum http://www.eubiometricsforum.com/index.php?option=com_content&task=view&id=833&Itemid=95

4. Findbiometrics.com http://www.findbiometrics.com/industry-news/i/7645

5. Asia Research News http://www.researchsea.com/html/article.php/aid/4852/cid/2/research/polyu_plays_host_to_international_conference_on_ethics_and_policy_of_biometrics.html?PHPSESSID=oej3f8canb8i4u1nlhniuudjq6

6. ThirdFactor.com http://www.thirdfactor.com/2010/01/06/polyu-hosts-biometrics-ethics-conference#top

7. TechBiometric.com http://techbiometric.com/trade-events/the-3rd-international-conference-on-ethics-and-policy-of-biometrics-and-international-data-sharing/

8. SiloBreaker.com http://www.silobreaker.com/researchsea--asia-research-news-4_17339

9. TheStandard.com http://www.thestandard.com.hk/news_detail.asp?pp_cat=11&art_id=92645&sid=26589906&con_type=1&d_str=20100105#

10. PolyU Press Releases http://www.cpa.polyu.edu.hk/cpa/polyu/index.php?search=&press_section=&press_category=All&press_date=&mode=pressrelease&Itemid=223&option=com_content&page=3&order=desc&orderby=news_date&press_id=1271&lang=en


Media Coverage of Conference in China’s Business Newspaper “The Standard”

A newspaper clipping of an article about the Third RISE meeting in Chinese daily “The Sun”

Newspaper clipping of an article about the conference in the “Oriental Daily News”


VIII. Organization and Contents of Conference Proceedings

Organization

General Chairs:
David Zhang (The Hong Kong Polytechnic University, HK)
Emilio Mordini (Centre for Science, Society and Citizenship, Rome, Italy)

Program Chair:
Ajay Kumar (The Hong Kong Polytechnic University, HK)

Program Committee:
Christopher Megone (University of Leeds, UK)
Frank Leavitt (Ben Gurion University, Israel)
Frederik Kortbak (The European Privacy Institute, Denmark)
Glenn McGee (The American Journal of Bioethics, USA)
Kai Rannenberg (Goethe University Frankfurt, Germany)
Nicolas Delvaux (Sagem Securite, France)
Irma van der Ploeg (Zuyd University, The Netherlands)
Cong Ya Li (The Chinese Medical Association on Medical Ethics, China)
Kamlesh Bajaj (Data Security Council of India, India)
Paul Mc Carthy (University of Lancaster, UK)
Max Snijder (European Biometric Forum, Brussels)
Kush Wadhwa (Global Security Intelligence, USA)
Margit Sutrop (University of Tartu, Estonia)
Niovi Pavlidou (University of Thessaloniki, Greece)
Anil Jain (Michigan State University, USA)
Massimo Tistarelli (University of Sassari, Italy)
Michael Thieme (International Biometric Group, USA)
Roland Chin (Hong Kong University of Science and Technology, HK)
Nigel Cameron (Centre for Policy on Emerging Technologies, USA)
Xiaomei Zhai (Chinese Academy of Medical Sciences, Beijing, China)
Richa Singh (IIIT Delhi, India)
Asbjorn Hovsto (ITS, Norway)
Stan Li (Chinese Academy of Sciences, Beijing, China)
Jaihie Kim (Biometrics Engineering Research Center, Korea)
Mia Harbitz (Inter-American Development Bank, USA)
Mark Riddell (SUBITO Project, UK)

Organizing Chair:
Lei Zhang (The Hong Kong Polytechnic University, HK)


Organization of Conference Proceedings

Privacy Protection and Challenges

(a) Challenges Posed by Biometric Technology on Data Privacy Protection in Hong Kong and the Way Forward
    Roderick Woo
(b) The Dangers of Electronic Traces: Data Protection Challenges Presented by New Technologies
    Nataša Pirc Musar and Jelena Burnik
(c) Privacy and Biometrics for Authentication Purposes: A Discussion of Untraceable Biometrics and Biometric Encryption
    A. Cavoukian, M. Snijder, A. Stoianov and M. Chibba
(d) From the Economics to the Behavioral Economics of Privacy: A Note
    Alessandro Acquisti

Legal Challenges

(a) Legislative and Ethical Questions Regarding DNA and Other Forensic "Biometric" Databases
    Elazar (Azi) Zadok
(b) Are We Protected? The Adequacy of Existing Legal Frameworks for Protecting Privacy in the Biometric Age
    Tim Parker
(c) Have a Safe Trip Global Mobility and Machine Readable Travel Documents: Experiences from Latin America and the Caribbean
    M. Harbitz and D. King

Engineering and Social Challenges

(a) On Analysis of Rural and Urban Indian Fingerprint Images
    C. Puri, K. Narang, A. Tiwari, M. Vatsa, and R. Singh
(b) Privacy Protection in High Security Biometrics
    Nalini K. Ratha
(c) Face Recognition and Plastic Surgery: Social, Ethical and Engineering Challenges
    H.S. Bhatt, S. Bharadwaj, R. Singh, and M. Vatsa
(d) Human Face Analysis: from Identity to Emotion and Intention Recognition
    Massimo Tistarelli and Enrico Grosso
(e) Creating Safe and Trusted Social Networks with Biometric User Authentication
    Ho B. Chang and Klaus G. Schroeter

Ethical and Medical Concerns

(a) Ethical Values for E-Society: Information, Security and Privacy
    Stephen Mak
(b) Ethical Issues in Governing Biometric Technologies
    Margit Sutrop
(c) Interdisciplinary Approaches to Determine the Social Impacts of Biotechnology
    Pei-Fen Chang
(d) Medical Safety Issues Concerning the Use of Incoherent Infrared Light in Biometrics
    Nikolaos Kourkoumelis and Margaret Tzaphlidou

Policy Issues and Deployments in Asia

(a) The Status Quo and Ethical Governance in Biometric in Mainland China
    Xiaomei Zhai and Qiu Renzong
(b) Building a New Ecosystem for Cyber Security and Data Protection in India
    Vinayak Godse

Challenges in Large Scale Biometrics Identification

(a) The Unique Identification Number Project: Challenges and Recommendations
    Haricharan Rengamani, Ponnurangam Kumaraguru, Rajarshi Chakraborty and H. Raghav Rao
(b) The Unique ID Project in India: A Skeptical Note
    Ramakumar


IX. List of Participants

1. Aini Zhong, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
2. Ajay Kumar, The Hong Kong Polytechnic University, Hong Kong
3. Alessandro Acquisti, Carnegie Mellon University, USA
4. Alessandro Alessandroni, Italian Ministry of Public Administration and Technology Innovation, Rome, Italy
5. Miss Caroline Fan, Immigration Department, HK SAR Government, Hong Kong
6. Anye Cai, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
7. Benedicte Havelange, Office of European Data Protection Supervisor, Brussels
8. Blair Stewart, Office of the Privacy Commissioner, New Zealand
9. Bo Fang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
10. TS Chui, Immigration Department, HK SAR Government, Hong Kong
11. Gary KC Ng, Immigration Department, HK SAR Government, Hong Kong
12. Gavin Wah, Immigration Department, HK SAR Government, Hong Kong
13. Chao Chen, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
14. Chi-Shing Chen, National ChengChi University, Taiwan
15. Chun Wai Tan, Universiti Tunku Abdul Rahman, Malaysia
16. Chun Yuan, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
17. Jodie Lee, The Hong Kong Polytechnic University, Hong Kong
18. Cong Wang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
19. David Leung, Hong Kong Immigration Department, Hong Kong
20. David Zhang, The Hong Kong Polytechnic University, Hong Kong
21. Dongmin Guo, The Hong Kong Polytechnic University, Hong Kong
22. Elazar Zadok, Identification and Forensic Science Division, Israel
23. Emilio Mordini, Centre for Science, Society and Citizenship, Rome, Italy
24. Emily Lam, Chief Inspector of Police, Hong Kong Police Force, Hong Kong
25. Fangmei Chen, The Hong Kong Polytechnic University, Hong Kong
26. Feng Han, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
27. Feng Liu, The Hong Kong Polytechnic University, Hong Kong
28. Fengxi Song, The Hong Kong Polytechnic University, Hong Kong
29. Fengxi Song, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
30. Francis Chan, Superintendent of Police, The Hong Kong Police Force, Hong Kong
31. Amy Tsang, The Hong Kong Polytechnic University, Hong Kong
32. Coria Cheung, Immigration Department, HK SAR Government, Hong Kong
33. Guangming Lu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
34. H. Raghav Rao, University at Buffalo, SUNY, Buffalo, USA
35. Hao Li, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
36. Haoyin Xu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
37. Helen Chan, Hong Kong Immigration Department, Hong Kong
38. Helen Shen, The Hong Kong University of Science and Technology, Hong Kong
39. Hemi Pecker, Technology Department, Counter-Terrorism Bureau, Israel
40. Hin Wing Yeung, International Society for Chinese Medicine, Macau SAR
41. Ho Chang, BioID AG, Switzerland


42. Huihui Wang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
43. Ian Christofis, Director, Biometix Asia, Hong Kong
44. Jairline M. Samuel, Federal Bureau of Investigation, USA
45. James Loudermilk, Federal Bureau of Investigation, USA
46. Jane You, The Hong Kong Polytechnic University, Hong Kong
47. Jiajie Xu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
48. Jiandong Zhang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
49. Jiannong Cao, The Hong Kong Polytechnic University, Hong Kong
50. Jin Xie, The Hong Kong Polytechnic University, Hong Kong
51. Jinrong Cui, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
52. John Wong, Office of the Government Chief Information Officer, Hong Kong
53. John Kropf, Deputy Chief Privacy Officer, Department of Homeland Security, USA
54. Joyce Sut I Chong, Office of Personal Data Protection, Macau SAR
55. Jun Liu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
56. Shao Zilli, The Hong Kong Polytechnic University, Hong Kong
57. Roland Chung, Immigration Department, HK SAR Government, Hong Kong
58. Katja Jacobsen, Lancaster University, UK
59. Kenneth Lam, The Hong Kong Polytechnic University, Hong Kong
60. Kent Lau, Office of the Government Chief Information Officer, Hong Kong
61. Kim Legg, General Secretariat, INTERPOL, Lyon, France
62. Kush Wadhwa, Global Security Intelligence, USA
63. LaRue Williams, West Virginia University, USA
64. Lei Zhang, The Hong Kong Polytechnic University, Hong Kong
65. Lin Zhang, The Hong Kong Polytechnic University, Hong Kong
66. Luo Nan, The Hong Kong Polytechnic University, Hong Kong
67. Collagan Thomas, Federal Bureau of Investigation, USA
68. Margit Sutrop, University of Tartu, Estonia
69. Mark Riddell, SELEX Sensors and Airborne Systems Limited, Essex, UK
70. Max Snijder, European Biometric Forum, UK
71. Mayank Vatsa, IIIT Delhi, New Delhi, India
72. Meng Yang, The Hong Kong Polytechnic University, Hong Kong
73. Massimo Tistarelli, Università di Sassari, Alghero, Italy
74. Mingjie Fan, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
75. Nalini Ratha, IBM Watson Research Centre, New York, USA
76. Nan Luo, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
77. Nataša Pirc Musar, Information Commissioner of the Republic of Slovenia
78. Nicolas Delvaux, Sagem Sécurité, France
79. Nigel M. de S. Cameron, President and CEO, Centre for Policy on Emerging Technologies
80. Niovi Pavlidou, University of Thessaloniki, Greece
81. P. C. Yuen, The Hong Baptist University, Hong Kong
82. Pak Hin Tang, The Hong Kong Polytechnic University, Hong Kong
83. Paul Mc Carthy, University of Lancaster, UK
84. Pei Fen Chang, National Central University, Taiwan


85 Qin Li, The Hong Kong Polytechnic University, Hong Kong
86 Qinghua Hu, The Hong Kong Polytechnic University, Hong Kong
87 Qingmin Liao, Tsinghua University at Shenzhen, Shenzhen, China
88 Raymond Wong, Jiaotong University, Shanghai, China
89 René Von Schomberg, European Commission, Brussels
90 Richa Singh, IIIT Delhi, New Delhi, India
91 Roderick Woo, Privacy Commissioner for Personal Data, Hong Kong
92 Ruijie Hou, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
93 Samson Tam, Legislative Councillor (Information Technology Functional Constituency)
94 Sankar VS, ATAL Technologies Ltd, Hong Kong
95 Shanshan Zhu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
96 Shouyu Ma, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
97 Shuanwei Zhang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
98 Simon Siu, The Hong Kong Polytechnic University, Hong Kong
99 Gordon HY Ma, Immigration Department, HK SAR Government, Hong Kong
100 Stanley Chan, Office of the Government Chief Information Officer, Hong Kong
101 Stephen Mak, Deputy Government Chief Information Officer (Consulting and Operations), Hong Kong
102 Toi Seong Ian, Office of Personal Data Protection, Macau SAR
103 Tianyang Liu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
104 Tim Parker, The Hong Kong Law Society, Hong Kong
105 Valeria Balestrieri, Centre for Science, Society and Citizenship, Rome, Italy
106 Victor Zeng, Managing Director, Just Marketing Company Limited, Hong Kong
107 Vinayak Godse, The Data Security Council of India, India
108 Vivek Kanhangad, The Hong Kong Polytechnic University, Hong Kong
109 Wilfred Tan, NCS Hong Kong
110 Xiao Li, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
111 Xiaomei Zhai, Centre for Bioethics, Chinese Academy of Medical Sciences, China
112 David Leung, Immigration Department, HK SAR Government, Hong Kong
113 Xiaorui Zhang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
114 Xingpeng Xu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
115 Xu Yao, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
116 Ya Su, The Hong Kong Polytechnic University, Hong Kong
117 Yahui Liu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
118 Yan Li, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
119 Yanxue Mu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
120 Yetian Huang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
121 Yingbo Zhou, The Hong Kong Polytechnic University, Hong Kong
122 Yinghui Chen, The Hong Kong Polytechnic University, Hong Kong
123 Yong Xu, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
124 Yunlian Sun, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
125 Zechao Shang, The Hong Kong Polytechnic University, Hong Kong
126 Zhen Hua Guo, The Hong Kong Polytechnic University, Hong Kong


127 Zhengui Song, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
128 Zhenyu He, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
129 Zhian He, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
130 Eddie Chan, The Hong Kong Polytechnic University, Hong Kong
131 Zhiyin Yang, HIT Shenzhen, Shenzhen Graduate School, Shenzhen, China
132 Zhizhao Feng, The Hong Kong Polytechnic University, Hong Kong
133 Zhu Li, The Hong Kong Polytechnic University, Hong Kong
134 Lai Siu Chung, The Hong Kong Polytechnic University, Hong Kong
135 Chiu Chi Pang, The Hong Kong Polytechnic University, Hong Kong
136 Sze Mei Lam, The Hong Kong Polytechnic University, Hong Kong
137 Denise Lui, Communications Officer, Office of Hon Samson Tam, Hong Kong
139 Qijun Zhao, The Hong Kong Polytechnic University, Hong Kong
140 Kenneth Lee, The Hong Kong Polytechnic University, Hong Kong
141 David Dagan Feng, The University of Sydney, Australia
142 Liu Yan, The Hong Kong Polytechnic University, Hong Kong
143 Alex Wai, The Hong Kong Polytechnic University, Hong Kong
144 Edward Zheng, The Hong Kong Polytechnic University, Hong Kong
145 CW Kwok, Immigration Department, HK SAR Government, Hong Kong
146 Miranda Leung, The Hong Kong Polytechnic University, Hong Kong
147 Carmen Au, The Hong Kong Polytechnic University, Hong Kong
148 King Hong Cheung, The Hong Kong Polytechnic University, Hong Kong
149 Rosa Kwan, The Hong Kong Polytechnic University, Hong Kong
150 Alice Lam, The Hong Kong Polytechnic University, Hong Kong
151 CY Or, Immigration Department, HK SAR Government, Hong Kong
152 WY Lau, Immigration Department, HK SAR Government, Hong Kong
153 Andy Luk, Immigration Department, HK SAR Government, Hong Kong
154 Ray Cheng, Immigration Department, HK SAR Government, Hong Kong
155 Clement Lee, Immigration Department, HK SAR Government, Hong Kong
156 Althay Cheng, Immigration Department, HK SAR Government, Hong Kong


HONG KONG, 4-5 JANUARY 2010

RISING PAN-EUROPEAN AND INTERNATIONAL AWARENESS OF BIOMETRICS AND SECURITY ETHICS
www.riseproject.eu

EMILIO MORDINI, M.D.
DIRECTOR OF THE CENTRE FOR SCIENCE, SOCIETY AND CITIZENSHIP, ROME (IT)

1 March 2009 - 28 Feb 2012
A RESEARCH PROJECT FUNDED BY THE EUROPEAN COMMISSION ETHICS AND GOVERNANCE UNIT IN THE SCOPE OF THE FP7

1. Centre for Science, Society and Citizenship (Italy)
2. Aristotle University of Thessaloniki (Greece)
3. The Hong Kong Polytechnic University Biometric Research Center (China)
4. Centre for Policy on Emerging Technologies (United States)
5. Lancaster University (United Kingdom)
6. European Biometric Forum (Ireland)
7. Global Security Intelligence LLC (United States)
8. Data Security Council of India (India)
9. University of Tartu (Estonia)

12/March/2009 RISE KOM 12-13 March 2009, Rome

http://www.riseproject.eu

From 01/10/2004 to February 2007

BITE 2004-2007, HIDE 2008-2011, RISE 2009-2012

Brussels, 15-16 Dec 2005
Convened by DG Research
Art. 29 WP chair
Director and delegates from US DHS Privacy Office
50 experts mainly from EU, USA

November 28-29, 2006, Washington DC
Convened by DHS and US Visit Program
EU delegates from DG Research, BEPA, Art. 29 WP
80 participants from 9 different countries

Jerusalem 24September 2006: IDENTITY, SECURITY AND DEMOCRACY
30 participants from 14 countries, Israel, France, Belgium, Italy, Slovenia, Bulgaria, Netherlands, Denmark, USA, Latvia, UK, Germany, Poland, Palestinian Authorities.

HOMELAND SECURITY, BIOMETRIC IDENTIFICATION & PERSONAL DETECTION ETHICS
www.hideproject.eu
1 Feb 2008 - 31 Jan 2011

1. ARISTOTLE UNIVERSITY OF THESSALONIKI (GREECE)
2. CENTRE FOR POLICY ON EMERGING TECHNOLOGIES (UNITED STATES)
3. CENTRE FOR SCIENCE, SOCIETY AND CITIZENSHIP (ITALY) – COORDINATOR
4. UNIVERSITY OF ROME LA SAPIENZA (ITALY)
5. DATA SECURITY COUNCIL OF INDIA (INDIA)
6. ESA COMMUNICATION (ITALY)
7. EUROPEAN BIOMETRIC FORUM (IRELAND)
8. EUTELIS (ITALY)
9. FRAUNHOFER INSTITUTE (GERMANY)
10. GLOBAL SECURITY INTELLIGENCE LLC (UNITED STATES)
11. HUMANSCAN (SWITZERLAND, GERMANY)

1. IBMG UNIVERSITY OF ROTTERDAM (NETHERLANDS)
2. INTERNATIONAL BIOMETRICS GROUP (USA)
3. INTERNATIONAL ORGANISATION OF MIGRATION (UNITED NATIONS)
4. LANCASTER UNIVERSITY (UNITED KINGDOM)
5. NATIONAL UNIVERSITY OF SINGAPORE (SINGAPORE)
6. OPTEL (POLAND)
7. SAGEM SECURITE' (FRANCE)
8. THE HASTINGS CENTER (USA)
9. THE HONG KONG POLYTECHNIC UNIVERSITY (CHINA)
10. UNIVERSITY OF LJUBLJANA (SLOVENIA)
11. UNIVERSITY OF TARTU (ESTONIA)
12. ZUYD UNIVERSITY (THE NETHERLANDS)

[Diagram labels: BITE, EXPLORATORY; HIDE, + Technology Oriented; RISE, + Policy Oriented; PERMANENT INTERNATIONAL INITIATIVE ON ETHICS AND POLICY OF BIOMETRICS]

[Bar chart by country, horizontal axis 0 to 40: Ukraine, Turkey, Switzerland, Spain, Slovenia, Singapore, Portugal, New Zealand, Malta, Latvia, Italy, Ireland, Greece, France, European Commission, Czech Republic, Canada, Brazil, Austria, Argentina]

1) Global Human Mobility

Mass of people in transit too huge to be handled in traditional ways

2) Unreliable Identity Documents

Too many people without reliable documents. Too many unreliable States

3) Global Identity Management

Digital identities, dispersed and globalised

1960-75

Advances in transport and communications are determining factors in the globalization process, and wider access to these technologies has increased the mobility of people, goods and services

Source: Population Action International 1994


Current Mobility …….

Source: Population Action International 1994

Estimated Global Mobile Populations > 800 million

21st Century’s Migration…….

In a world system where nearly all States in developing countries are not able to provide their citizens with reliable identity documents, biometrics is likely to be the sole hope for most third world inhabitants to have trustworthy identity documents

Source: Population Action International 1994


UNREGISTERED CHILDREN

Around 51 million children born in 2006 have not had their births registered. Forty-four percent of these children live in South Asia.

One in three developing countries has birth registration rates of less than 50 percent.

Two out of three African children under age five are not registered.

An increasing number of online applications require a reliable means of identification of users, the whole web architecture is increasingly based on certain digital identities

Internet banking, online trading, remote management of confidential databases and access to personal information require certain digital identities. The conventional means of identification (e.g. passwords, personal identification numbers) can be easily compromised, observed or forgotten.

[email protected]

Identity management is going to become a more critical factor in grid and cloud computing given the need to manage interactions between hubs and periphery clients. Biometrics – including voice recognition, human machine interactions, touch user interfaces with the Internet – will be more prevalent in order to create trusted digital identities

If one focuses only on privacy risks, it is unlikely that he finds solutions. Enlarged conversation should foster both respect for privacy and technology innovation. The concept of privacy-aware technology can be misleading: all technology must become privacy aware.

The idea that privacy is only an issue of western countries is misleading and should be abandoned. In a globalized, borderless world, India and China are not “fast moving, unregulated competitors” but are policy actors which can offer interesting solutions to governance problems in this area.

RISE

The development and deployment of biometric technologies, systems, and applications show that privacy and biometrics policies are inextricably interdependent. Biometrics and Privacy involve politics and public policy as much as it does law and technology. By involving different stakeholders and perspectives it is possible to overcome dead ends and to find win-win solutions.

It was not those who used brute force who would prevail but those who’ll use schemes and plots
Aeschylus “Prometheus Bound”

And thanks to the Polytechnic of HK, Prof Zhang, and all his staff for the great efforts!

Law, IT and personal data protection - legislative framework lags behind the IT development

Nataša Pirc Musar
Information Commissioner, Republic of Slovenia

Modern Digital Technologies
• Legislative Framework (always lags behind the IT)
• Law of the Net (Global Agreement)
• “We might not be able to stop you from doing bad things, but if we catch you, there will be consequences”
• If we…, regarding data protection, strong inspection tools are needed
• A lot of media support, quality prevention, awareness campaigns

Hong Kong, 4th of January, 2010

Proportionality Principle
• Data prevention v. data retention
• everybody is a potential criminal
German Constitutional Court has set strict limits to the law enforcement authorities (especially to the secret services) with regard to secret supervision of the computers. They are only allowed to supervise the computers in possession of individuals with special programmes (types of Trojan horses) in extreme cases when concrete threat to life or state exists. Collection of data in advance ‘to have in stock’ and from randomly chosen individuals should thus not happen.

Privacy on the Internet?!
Contradiction per se
Going back to internet…
Legal office in USA – checked 5000 divorce files
Facebook was a reason for a divorce in 989 cases!!!
Quotes from a wall of a Facebook profile were used to prove infidelity
Not to talk about Google/Dashboard

“If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place!”

Eric Schmidt, Google CEO

Electronic Road Toll System
Is there any personal data:
• Position
• Journey time

Electronic Road Toll System
On-board Unit:
1. determining the position of the vehicle,
2. determining the segment of the road and the corresponding tariff,
3. calculating the sum spent for that segment,
4. sum total.
• The control center does not have the position of the car

Employer v. Employee
How to strike the right balance?
• Internet
• E-mail
• Telephones
• GPS
• RFID
• CCTV
• Microsoft Software (heart beat)

Telephone Traffic Data
Facts:
1. Diplomatic mail was secretly given to the media
2. Ministry wants to catch a bad guy
3. Let’s check all the telephone calls
- data base with 110.000 calls (in house telephone system)
- No need to contact the operator
4. Who out of 700 employees was calling the media

Science fiction? Science fiction?

Do we wish the old times to come back?
Mission impossible

• Easily accessible biometrics – face recognition for up to 500 people = 318,29 €
• Slovenian biometric regime

“I have nothing to hide” argument
"Our lives begin to end the day we become silent about things that matter."

Thank you for your attention

Martin Luther King Jr.

Data protection in the EU Area of freedom, security and justice under the Lisbon Treaty
Bénédicte Havelange
European Data Protection Supervisor
4 January 2010

General outline
• EU Data protection and the EDPS
• Biometrics – increased use for border management
• The Lisbon Treaty: main changes in the area of freedom, security and justice and data protection

International Conference on Ethics and Policy of Biometrics and Data sharing January 2010

Role of EDPS
• Regulation (EC) 45/2001
» Independent authority > EC institutions and bodies
• Supervision
» Monitoring compliance
• Consultation
» Advising on new legislation
• Cooperation
» National DPA, WP29, JSA

Biometrics and data protection: Outstanding issues (1)
– Recognise limitations of biometrics
» Make informed decisions
» Introduce fall-back procedures
– Policy choices must be made
» Biometrics are not only about technology
– Fight against the risk of exclusion by biometric systems
» Age limits, physical or ethnic differences

Biometrics and data protection: Outstanding issues (2)
– The purpose of each biometric application should be clearly specified
– Embedment of privacy-enhancing features in the systems

The Lisbon Treaty: Main changes (1)
• Abolition of the Pillars structure
» Decision-making process
» Involvement of EU Parliament
» Improved consistency
» No need anymore for a sometimes artificial distinction

The Lisbon Treaty: Main changes (2)
• Emphasis on fundamental rights
» EU Charter of fundamental rights made legally binding
» Accession of the EU to the European Convention on Human Rights
» Affirmation of “values” of the EU

The Lisbon Treaty: Main changes (3)
• Data Protection as a fundamental right
» Direct application
» Core elements
» Need for data protection authorities

What’s next?
• Stockholm Programme: EU Information Management Strategy
» Existing information systems need to be assessed
» Privacy by design
• Need for increased international dialogue

More information:
www.edps.europa.eu
edps@edps.europa.eu
Postal address: Rue Wiertz 60 - MO 63, B-1047 Brussels

The Crossroads of Privacy and Biometrics
John W. Kropf
U. S. Department of Homeland Security Privacy Office
ETHICS AND POLICY OF BIOMETRICS AND INTERNATIONAL DATA SHARING
Hong Kong Polytechnic University
January 4, 2010

What is Privacy?
Privacy is the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them is communicated to others.
Alan Westin, Privacy and Freedom, Atheneum, New York, 1967, p. 7

Biometrics – Worldwide
• ICAO: Standard for Passports
• EU: Passports (ICAO + finger scans)
• US: US-VISIT; BioVisa
• Japan: Entry and Exit
• UK: Borders
• Israel: Legislation on a National Biometric Data Base
• UAE: Borders
• Pakistan: National IDs
• Registered Traveler Programs (US, The Netherlands, others)
• Many others

Why Privacy Is Important to Biometrics
• Fundamental right (UN Convention)
• Good government
• Legal compliance
• Budget implications

Overview: U.S. Privacy Framework
Domestic (USG only not private sector)
• Privacy Act of 1974
• Freedom of Information Act (FOIA)
• E-Government Act of 2002
• Presidential Orders, Directives and Guidance
International
• Information Sharing Agreements
• International Frameworks

Application of the Privacy Act
Information Protected
• Information about an individual containing their name or other personal identifier in a Federal agency record system.
• Examples: education, financial transactions, medical history, criminal history, employment history, digital photographs, fingerprints
Applies to a “system of records” (SORNs)
• Any group of records containing information about U.S. persons
• Under the control of a Federal agency AND agency retrieves information by the individual’s name or other personal identifier including biometrics.

DHS Privacy Office
• New technologies do not erode privacy
• Personal information used in compliance with US law.
• Laws follow the Fair Information Practice Principles (FIPPs)
• Evaluate new legislation
• Coordinate with DHS Civil Rights and Civil Liberties
• Report to Congress
• Freedom of Information Act

Example: US-VISIT and Privacy
• US Congress, through a series of statutes, required the creation of a biometric entry-exit system.
• Resulted in US-VISIT.
• US-VISIT’s goals:
Enhance the security of U.S. citizens and visitors
Facilitate legitimate travel and trade
Ensure the integrity of the U.S. immigration system
Protect the privacy of visitors.

SORNs and PIAs are Publicly Available
http://www.dhs.gov/privacy

Example: US-VISIT and Privacy
• Transparency: IDENT PIA and SORN
• Minimization: Collects only the information needed to achieve US-VISIT statutory authority
• Use Limitation: Sharing this information must be consistent with the purpose for which it was collected.
• Security and Privacy: Success of the US-VISIT measured by ability to identify threats but to protect against ID theft and fraud.
• Accountability: US-VISIT PO and DHS CPO; periodic audits
• Robust Privacy Policy: Privacy protections extended to non-U.S. citizens
• Access and Redress: Freedom of Information Act, Privacy Act and TRIP.

Biometrics: Critical to Government
• Lost and Stolen Passports
• Border Controls
• Advance Screening

Sharing Biometrics Across Borders
FIPPs
Mutual Recognition of Systems
HLCG Principles

Contact Us

U. S. Department of Homeland Security
Privacy Office
Washington, DC 20528-0550
Tel: 1-703-235-0780
Email: [email protected]
Website: www.dhs.gov/privacy

Of Frogs and Herds: The economics (and behavioral economics) of privacy
Alessandro Acquisti
Heinz College & CyLab
Carnegie Mellon University
ICEB 2010
4-5 January 2010, Hong Kong

Protection & revelation of personal data flows involve tangible and intangible trade-offs for the data subject as well as the potential data holder
Some of our studies
• Conditioning prices on purchase histories (Marketing Science 2005)…
• Impact of breaches on stock market valuation (ICIS 2006)…
• Impact of data breach notification laws on identity theft (WEIS 2008)…
• Impact of gun owners DB publication on crime rates (work in progress)…

Should I mention my sexual kinks on MySpace?

Attitudes about privacy
Ostensibly…
• Top reason for not going online… (Harris Interactive)
• Billions in lost e-tail sales… (Jupiter Research)
• Significant reason for Internet users to avoid E-commerce… (P&AB)
Actual behavior
• Dichotomy between privacy attitudes and privacy behavior
• Spiekermann et al. 2001, Acquisti & Gross PET 2006

Do people really care for privacy?
If they do, can they act on their concerns?
If they don’t (or can’t), should policy makers do so on their behalf?

Maybe I’ll find a lover... But what about my future job prospects? And what if my parents happen to log on...

p 1 (bfbenefitsu )  1 (costsuq )
B i B d )1( t it B i B d )1( t it

[Figure: labels $, WTA, WTP, Privacy]

1. Incomplete information
E.g.: download DOB/hometown from social network >> predict member’s SSN (PNAS 2009)
2. Bounded rationality
3. Cognitive/behavioral biases, investigated by behavioral economics & decision research
E.g., optimism bias, hyperbolic discounting, ambiguity aversion,…
Hence: the need for a behavioral, experimental economics of privacy (and information security)

Some of our previous and ongoing results (2004-2009)
• Hyperbolic discounting in privacy valuations (ACM EC 2004)…
• Overconfidence, optimism bias in online social networks (WPES 2005, PET 2006)…
• Confidentiality assurances inhibit information disclosure (SJDM 2007)…
• Individuals more likely to disclose sensitive information to unprofessional sites than professional sites (SJDM 2007)…
• Herding behavior in information revelation (SJDM 2009)
• Illusion of control in online social networks (iConference 2009)…

Privacy valuations may be not only context dependent, but also
• Malleable to non-normative factors
• In fact, possibly internally inconsistent
Hence, personal disclosures likely to be influenced by subtle framing, which can
• Downplay privacy concerns
• Act like 'alarm bells' – triggering concern for privacy that is often latent
Joint work with Leslie John and George Loewenstein

Willingness to accept (WTA) money to give away information
vs.
Willingness to pay (WTP) money to protect information
Hypothesis:
People assign different values to their personal information depending on whether they are focusing on protecting it or revealing it

Valuation of private information likely to change depending on whether trade-off between privacy and money is framed as
– A problem of protection (WTP)
Firewalls, anonymous browsing, (signing up for do-not-call list)
– A problem of disclosure (WTA)
Grocery loyalty cards, sweepstakes, Internet searches

Experimental subjects asked to choose between 2 gift cards
We manipulated trade-offs between privacy protection and value of cards
Subjects endowed with either:
• $10 Anonymous gift card. “Your name will not be linked to the transactions completed with the card, and its usage will not be tracked by the researchers.”
• $12 Trackable gift card. “Your name will be linked to the transactions completed with the card, and its usage will be tracked by the researchers.”
Subjects asked whether they’d like to switch cards
• From $10 Anonymous to $12 Trackable (WTA)
• From $12 Trackable to $10 Anonymous (WTP)

1. Hypothetical questionnaire
2. Actual field experiment with VISA gift cards
Mall patrons stopped at mall, asked to participate in (unrelated) study, offered real gift card for participation in study
349 participants

2x2 conditions between-subjects design
Endowment conditions (2):
• Endowed with $10 anonymous card
• Endowed with $12 identified card
Choice conditions (2):
• $10 anonymous card listed first
• $10 anonymous card listed second

[Bar chart: % choosing anonymous $10 card, axis 0 to 60. Conditions: Endowed $10 (n=71), Choice $10 vs. $12 (n=83), Choice $12 vs. $10 (n=57), Endowed $12 (n=62). Bar values shown: 52.1, 42.2, 26.7, 9.7. Statistics printed as χ²(3) = 30.66, p < 0.0005 and χ²(3) = 30.61, p < 0.0005]

People’s concerns for privacy (and security) depend, in part, on priming and framing
This does not necessarily mean that people don’t care for privacy, or are “irrational,” or make wrong decisions about privacy
Rather, it implies that reliance on “revealed preferences” argument for privacy may lead to suboptimal outcomes if privacy valuations are inconsistent…
People may make disclosure decisions that they stand to later regret
Risks greatly magnified in online information revelation
Therefore, implications for policy-making & the debate on privacy regulation
E.g., Chicago School approach vs. privacy advocates
A problem of incentives

“Soft” or asymmetric paternalism: design systems so that they enhance (and sometimes influence) individual choice in order to increase individual and societal welfare
Nudging privacy: using soft paternalism to address and improve security and privacy decisions through policy and technology design that anticipates and/or exploits behavioral/cognitive biases (IEEE S&P 2009)

Consider online social networks users who post dates of birth online
Imagine that a study shows some risks associated with revealing DOBs (e.g., SSN predictions)
• Strong paternalistic solution: ban public provision of dates of birth in online profiles
• “Usability” solution: design a system to make it intuitive/easy to change DOB visibility settings
• Soft paternalistic solution?

Saliency of information
Provide context to aid the user’s decision, such as visually representing how many other users (or types of users) may be able to access that information
Default settings
By default, DOBs not visible, unless settings are modified by user
Hyperbolic discounting
Predict and show immediately SSN based on information provided
…and so forth

Google: economics privacy
Visit: http://www.heinz.cmu.edu/~acquisti/economics-privacy.htm
Email: [email protected]

Are We Protected?
The Adequacy of Existing Legal Frameworks for Protecting Privacy in the Biometric Age

Tim Parker
Barrister-at-Law, Denis Chang S.C.’s Chambers
Teaching Consultant, University of Hong Kong

Overview
• The law of privacy: Article 17 of the International Covenant on Civil and Political Rights (1966)
• Privacy impact of biometric data usage
• Biometrics in Hong Kong SAR and Mainland China

Article 17 ICCPR
1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, or correspondence, nor to unlawful attacks on his honour and reputation.
2. Everyone has the right to the protection of the law against such interference or attacks.

Article 17 ICCPR
• The right to privacy is neither:
Absolute; nor
Non-derogable.
• However, strict conditions for limitation:
“In law” (i.e. legislation); and
“Not arbitrary”

Article 17 ICCPR
• “Arbitrary” synonymous with “unreasonable” (per UNHRC):
Rational connection to a legitimate purpose
Restriction on the right must be no more than is necessary to accomplish the legitimate purpose
Proportionality

Article 17 ICCPR - Sources
• UN Human Rights Committee General Comment No. 16 (Right to Privacy) 1988
• Toonen v Australia [1994] IHLR 27 (UNHRC Communication No. 488/1992)
• Leung Kwok Hung & Anor. v Chief Executive of the HKSAR (Unreported, 9 February 2006, HCAL107/2005) (Affirmed by the Court of Final Appeal in [2006] 3 HKLRD 455)

Biometrics and privacy
• Characteristics intrinsic to biometric data
• Collateral impact of employing biometrics:
Secondary data functions
Trend towards centralisation/collation
‘Function (or specification) creep’

Biometric Hong Kong ID Cards
• Mandatory to possess and carry at all times (Registration of Persons Ordinance)
• Introduced “temporarily” for 1949 mass-migration: law and order, food distribution, etc.
• Now smart, may be checked without probable cause (including fingerprint scanner match) with auxiliary functions

Data privacy in the PRC
• No unified data protection law
• Some piecemeal developments:
Amended PRC Criminal Law
Amended Tort Law
• Prediction: developments likely to be subject to wide State security exceptions

The Third International Conference on Ethics and Policy of Biometrics and International Data Sharing, 2010, Hong Kong 58 AgendaAgenda  About UID project  Challenges Faced in SSN Unique Identification Number Project:  National Identifier in UK Challenges and Recommendations  Unique identifiers in European Countries: Authors: Haricharan Rengamani*, Ponnurangam UK, Belgium, Estonia and Netherlands Kumaragg,juru^, Rajarishi Chakrabortyy,g*, H Raghav Rao*  UID and its Biometric Approach *SUNY Buffalo; ^IIIT Delhi  Oth er ch all en ges f or U ID Presented at Third Intl. Conf. Ethics and Policy of Biometrics  and International Data Sharing – Hong Kong, January 4-5, 2010 Recommendations  ClConclusions

About UID Project

• Unique Identification Authority of India (UIDAI). Headed by Mr. Nandan Nilekani
• First country to implement Biometric based unique ID system on such a large scale.
• Responsible for implementing Multipurpose National Identity card or Unique Identification Card.
• UIDAI to build a central database on details of every Indian resident including demographic and biometric information.
• Implemented to save identity verification costs for business through online verification of authentication of identity.

About SSN in USA:

• Started in November 1936
• Nine digit number issued to U.S Citizens, Permanent Residents and temporary residents under Social Security Act.
• Skeleton of SSN is XXX-XX-XXXX
• Primary purpose is to track individuals for taxation purposes.
• Evolved to become a de facto national identification number in the recent years.

Challenges Faced in SSN

• Privacy Challenges in Existing System:
• Identity Theft
• Terror Related crimes
• Other issues

National ID in UK

• Technical complexity of the scheme
• Associated cost
• Protecting Privacy of citizens

Purpose:
• To maintain one identity document that can be used internally by all departments of Government.
• To avail better access to services provided by both public and private sectors.
• To track eligible workers in UK and to combat identity theft, identity fraud and the issue of illegal immigrants.

National ID in Belgium

BELPIC is the largest e-ID scheme in Europe
• Challenges and Solutions
• Goal was to enable citizens to authenticate themselves for accessing e-government applications like social security and give them a secure ID.
• Solution was based on a new PKI infrastructure along with information support and 24/7 helpdesk for lost cards.
• The framework relies on X.509v3 certificates.
• BELPIC doesn’t completely address the issue of interoperability across administrative units.
• Takeaways – Use of ‘Kids Card’. A variant of the e-ID for kids between 12 – 18 years.

National ID in Estonia

• Governed according to the Digital Signature Act (DSA).
• 98% of Estonians have national ID card
• Digital signature embedded in card
• Authentication and Digital Signing
• Issues that may help in UID design:
– Signature validity verification: Solved by Online Certificate Status Protocol (OCSP).
– Lack of widespread digital signature implementation: Solved by DigiDoc, a server-side and client-side software
– International interoperability: Addressed through OpenXAdes project for universal understanding of legally binding

UID System www.uidai.gov.in

National ID in Netherlands

• Very similar to SSN in US – number assigned by Office of Tax Administration
• Unique Citizen Service Number (Dutch: Burgerservicenummer or BSN) for citizens and workers.
• Corrections related to a BSN handled by Municipal Personal Records Database
• BSN is very limited for private organization
• Name is not linked with a BSN in the database
• BSN is used as an index for all information collected by Govt
• Databases protected by the Personal Data Protection Act.

UID Agencies www.uidai.gov.in

UID Architecture www.uidai.gov.in

Challenges in India Identity Card

Privacy aspects of Biometric Technologies

| Technology | Positive privacy aspects | Negative privacy aspects |
|---|---|---|
| Finger print | Can provide different fingers for different systems; large variety of vendors with different templates and algorithms | Strong de-identification capabilities |
| Face recognition | Changes in hairstyle, facial hair, texture, position, lighting reduce ability of technology to match without user intervention | Easily captured without user consent or knowledge |
| Iris recognition | Current technology requires high degree of user cooperation - difficult to acquire image without consent | Very strong de-identification capabilities; development of technology may lead to covert acquisition capability; most iris templates can be compared against each other - no vendor heterogeneity |

Privacy aspects of Biometric Technologies Contd..

| Technology | Positive privacy aspects | Negative privacy aspects |
|---|---|---|
| Retina scan | Requires high degree of user cooperation; image cannot be captured without user consent | Very strong de-identification capabilities |
| Voice scan | Voice is text dependent, the user has to speak the enrollment password to be verified | Can be captured without consent or knowledge of the user |
| Hand geometry | Physiological biometric, but not capable of identification yet; requires proprietary device | None |

Other challenges in Biometric technologies

• Privacy invasions
• Social Implications
• Ethics

Recommendations

• Administrative Department
– Public Awareness
– Process for handling immigrants, Dual citizenships
– Enrolling and tracking citizens by multitude of technologies
• Legal Department
– To make amendments to existing legal system for accommodating UID cards
– Restricting multiple issuance of cards, Access Restriction should be handled
• Technical Department
– Random number generation for UID card number
– Self check digits
– Effective Encryption and Decryption schemes and to architect system better for handling security issues

Contributions

1. Identification of Technical, Administrative and Legal Challenges in implementation of UID in India
2. Present a portal for learning from similar implementation challenges faced in other countries

Conclusions

• Better access to a host of government services
• Eliminates fake and duplicate identities which assist government to stem exchequer losses arising out of ghost identification or duplication
• Clearer view of population and other demographic indicators.
• Provides major impetus to e-Governance programs and services
• Internal security scenario can be monitored well with UID’s being used to track criminals.

Future work

• To investigate the social implications of UID system in India
• To develop a formal framework for comparing various UID systems around the world
– Commonalities and differences

The 3rd International Conference
Ethics and Policy of Biometrics and International Data Sharing
Hong Kong, 4-5 January, 2010

Biometrics Governance: H1N1 as a Case Study

Chi-Shing Chen

Biometrics

Methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits

Biometrics

Pros: Cons: -Convenient -Efficient -Risk -Accurate -Privacy -Security To- Identify -Identity Theft Verify

Biometrics Application

Use with other technologies
Use under certain environment
– RFID (passport)
– Data Mining
– Internet (global, pervasiveness)

Perspectives

Vertical:
– National: security
– Social: trust (Bowling together)
– Personal: liberty; privacy/basic right to information self-determination; safety

Perspectives

Horizontal:
– Geographic community
EU v. USA
Substantive v. Procedural
Asian?

Perspectives

Horizontal:
– Professional communities
Technological v. Legal v. Bio-ethical v. Business v. Public Administrators

Allen Newell, 1986: the models are broken

Sustainable Dialog

Across geographic and professional communities

In general: exchange perspectives and discourses

And in specific: acceptable practice or practices, and/or SOP

The Emerging Idea of Governance

Lobel, 2004, concept of law moving:

From top-down to bottom-up

From command and control to social law – environmental law – information law (privacy, copyright)

Biometrics Governance

Dialog among Leaders of Communities at Stake:
– Technological dialog
– Medical/Bio-Ethical
– Legal (data protection laws)
– Business Application
– Governmental

Biometrics Governance

Dialog among Leaders of Communities at Stake:

Dialog both in General (values and perspectives) and In Specific: Best Practice / SOP for Biometrics Application
– Biometrics Application: mostly not Yes/No Question but under what condition and Procedure?

H1N1 as a Case Study

H1N1 Governance Web?
Catalyst Groups
Leaders from Stake Holders Communities
Web Platform for Dialog:
No Time Limit - Asynchronous
No Geographic Limit
Response to Hard Problems
Come up with Best Practices and/or SOP
NGO’s Bring Web to All Corners in Society

H1N1 as a Case Study

Biometrics Issues:
Collection, Storage, Usage of Bio-Info for Identification, Tracking and Research
Trans-border Sharing of Bio-Info? for Entering/Leaving a Country for Identification, Tracking and Research

Your Comments are Welcome

Thanks!

The 3rd International Conference on Ethics and Policy of Biometrics and International Data Sharing
4 January 2010

Ethical Values for E-Society: Information, Security and Privacy

Stephen Mak
Deputy Government Chief Information Officer
HKSAR Government

Overview

1. Information explosion and its ubiquity
2. Biometrics as one form of information, whether direct or derived
3. The ethics of biometrics – normative or practical? Yours or mine?
4. The scope for ethics, policies and regulations is rapidly changing
5. Alternating between “Personal Computing” and “Cloud Computing”
6. Foundations for enhancing ethical values for an e-society in the HKSAR
7. Importance of Security Risk Assessments & Privacy Impact Assessments
8. Concluding remarks

Information explosion and its ubiquity

• The rate of information generation and collection transcends our daily lives and business operation
• Information collection, use, distribution and inference take on many new forms
• Inter-related issues of information explosion, security, privacy and ethics can no longer be considered in isolation in various stages of technology innovation

Biometrics as one form of information, whether direct or derived

• Biometrics is directly linked with in-born, personal attributes
• This facilitates strong identification & authentication
• Misuse or abuse of the technology can cause serious problems on personal data privacy
• Increasing connectivity of electronic devices to the Internet, embedded with biometric-like functions
• “Derived” biometrics takes on additional meanings

The scope for ethics, policies and regulations is rapidly changing

• The global ICT infrastructure is rapidly changing with major implications on user behaviours
• The notion of biometrics “belonging” to individually identified persons is changing with ICT advancements
• The scope for policies, regulations and ethics is fast changing as a result
• New applications of technology may lead to frequent and voluntary use of biometric data
• The scope for ethical and policy considerations becomes even more multifarious and complex

The ethics of biometrics – normative or practical? Yours or mine?

• Biometric products & solutions are under continuous development and the market is huge globally
• Biometrics is also increasingly taking on expanded meanings and contexts
• Security and privacy considerations stand out as major issues that affect adoption and governance
• Consideration from different angles will lead to different emphases
• A holistic approach when considering the ethical issues is called for

Alternating between “Personal Computing” and “Cloud Computing”

• There have been major and alternating changes in responsibilities for security, privacy and ethics in the past 30 years of ICT innovations
• From personal computing to cloud computing - from everything “personalized” to everything “available on demand”
• The roles of innovators, entrepreneurs, vendors, regulators and governments need to be redefined
• All parties have a role to play in every step of technology innovation

The foundations for enhancing ethical values for an e-society in the HKSAR

• Legal Framework – Personal Data (Privacy) Ordinance & Electronic Transactions Ordinance
• The eHealth Initiative – electronic health record (eHR) sharing infrastructure
• Biometric applications and technologies
• General guidelines to facilitate wider use of biometrics exist, but additional ones for specific use can be developed
• Industry, academia and domain experts and regulatory bodies can collaborate on these

The importance of Security Risk Assessments and Privacy Impact Assessments

How to more effectively use/deploy biometrics?
• Fundamental respect for privacy designed into products, systems and solutions
• Better informed users and customers
• Better industry “norms”
• Better integration among systems, toolkits, processes and management practices
• More explicit but “business-friendly” guidelines and regulatory regimes
• Explicit and early conduct of Privacy Impact Assessments and Security Risk Assessments

Concluding remarks

• The fast developing nature of the enabling technologies of an e-society affects the very definition of biometrics, user behaviour, business models, etc
• If properly and timely addressed, the real and perceived concerns over ethical issues will take on new or different dimensions
• This will affect considerations on governance over data sharing, whether in the local or international context

Margit Sutrop
University of Tartu, Estonia
Hong Kong, 4-5 January 2010

• Change in ethical frameworks
• Comparison of biometric and human genetic databases
• Lack of public debate as a problem
• The analysis of trust-relationship
• How to create and maintain trust?

• Security versus privacy (biometric databases) and solidarity versus autonomy (HGDs). Common good is superior to individual rights.
• Is communitarian ethics a suitable ethical framework? Is it able to protect individuals also in nondemocratic societies where the common good can be defined by one group who is in power?

| Biometric | HGD |
|---|---|
| Privacy and autonomy at stake | Privacy at stake |
| Limited autonomy, Presumed/tacit consent | broad/open consent |
| Public interest argument: Security as highest value | Public interest argument: HGDs as global public goods |
| Discourse of threat | Discourse of hope |

Benefits
• Scientific (mapping genes for common diseases, understanding the combined effects of genetic, lifestyle and environmental risk factors)
• Health related (better and more efficient health care system, better diagnosis and treatment of diseases)
• Economic (creation of new jobs, development of biotech sector, reverse brain drain)

Risks
• Threat to privacy
• Possibility of discrimination and stigmatization
• Possible psychological stress when knowing one’s genetic risks
• Creation of orphan diseases
• Individualized medicine not affordable to poorer countries

Benefits
• Security (monitor migration, combat identity theft and fraud)
• Economic (cut costs that produce efficiency gains for administration)
• Convenience in time (avoid queues, faster answers, immediate access to information)
• Mobility (vote anywhere, services and movement of capital across borders via e-services)

Risks
• Threat to privacy (increasing tension between the principle of security and that of privacy and democracy)
• Potential of social exclusion (border surveillance has divergent effects for different groups of people)
• Securitisation (more and more issues framed in terms of security concerns)
• Changing social relationships (climate of suspicion)

• Biobanks - discourse of hope: that HGDs will enable us to understand the combined effects of genetic, lifestyle and environmental risk factors in the development of a disease, improve medical care and health, economic success.
• Biometric databases – discourse of threat: although biometric identification technology can be used for various purposes; national security, health, welfare, banking, insurance, commerce, surveillance. One stresses the dangers of terrorism, criminal behavior, fraud, tax evasion, free-riding. One wants to increase control over migration and combat terrorism.

• Scoping paper from Sept. 2009 of the EU 7th FP project “Technolife”. (analysis done by the Univ. of Bergen, Univ. of Tartu)
• Three large European databases containing biometric data used for migration and border security:
– EURODAC (fingerprints of asylum seekers)
– VIS (the Visa Information System)
– SIS (the Schengen Information System II), containing alerts on objects and persons.

“On this road there is no turning back. We are past seriously considering the argument that by introducing biometric identifiers this early and without a proper public debate, we will forever alter the fundamental trust model between citizen and state, consumer and supplier.” (Paul de Hert and Annemarie Sprokkereef, “An assessment of the Proposed Uniform Format for Visas and Residence Permits”, DG-Policy Department Citizens’ Rights and Constitutional Affairs, 2006)

• Confucius told his disciple Tsze-kung that three things are needed for government: weapons, food and trust. If a ruler can’t hold on to all three, he should give up the weapons first and the food next. Trust should be guarded to the end: “without trust we cannot stand”.

• Trust has been defined as a feeling, an emotion, a disposition, an activity or knowledge that another will behave in a certain way.
• Trust involves a “tacit demand not to betray the expectations of those who trust us” (O. Lagerspetz)
• Trust designates human interaction (we trust individuals, institutions), the essential element of trust is reciprocity. (R. Solomon, F. Flores)
• Trust involves risk - one has to place trust without guarantees.

• Simple trust (naive, infants’ trust for their primary caretakers)
• Basic trust (provides the basis for entire personality, attitudes toward the world)
• Blind trust/mistrust (irrational, one sees but refuses to see)
• Authentic trust/mistrust (rational, open to evidence)

• The complexity of processes makes it very difficult to be adequately informed about the technology and what happens to our data.
• It is important to build trustworthy institutions. Participants’ trust depends on their general trust in institutions governing the database and on the general level of trust in the society.
• One should discuss both benefits and risks involved.

• Ethical conduct
• Awareness
• Responsibility of Actors
• Response and evaluation of threat
(Bernard Didier, Loic Bournon based on the guidelines of OECD in “Towards a Governance of Identity Security Systems”, 2009)

• Since trust is a relationship, an interaction, building trust requires thinking and talking about trust.
• Since trust involves vulnerability and risk, building trust means coming to terms with the possibility of breach and betrayal.
• What we need is rational authentic trust based on reflection and resolve.

Thank you for your attention!

The Status Quo and Ethical Governance in Biometric in Mainland China

Third International Conference on Ethics and Policy Biometrics and International Data Sharing
4-5 January 2010, Hong Kong

ZHAI Xiaomei Ph.D
Centre for Bioethics
Chinese Academy of Medical Sciences
Peking Union Medical College

Disclaimer

• The opinions expressed in this presentation are my own. They do not reflect any position or policy of CAMS or the National Ethical Committee of MOH that I serve for.

My presentation is preliminary. So the aim is to "Throw out a brick to attract a jade" (抛砖引玉).

General Outline

• Introduction
• Status quo of biometrics in mainland China
• Ethical concerns
• Ethical governance

Introduction

"Blade Runners" 刀锋战士

In 1982 an American science fiction film “Blade Runners” depicts a story in November 2019 Los Angeles in which genetically engineered beings called Replicants (visually indistinguishable from adult humans) are manufactured by the all-powerful Tyrell Corporation.

"Blade Runners" 刀锋战士

As a result of a violent Replicants uprising, their use on Earth is banned, and Replicants are exclusively used for dangerous or unskilled work as slaves in Earth’s colonies. Any Replicant who defies the ban and returns to Earth is hunted down by police assassins known as "blade runners". Replicants can be identified only by using a machine, which analyzes the iris contractions and dilatations. The machine that allows to identify the Replicants, actually, is a biometric device.

No longer a science fiction, biometric technologies are the most important innovation in the IT industry for the coming years and the biometric industry is projected to grow up greatly.

Definition of Biometric Technologies

• Biometric technologies can be defined as automated methods of recognizing or verifying the identity of a living person based on a physiological or behavioural characteristic.
• Biometrics comprises methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In IT biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.

Two Classes of Biometric Characteristics

• Physiological are related to the shape of the body. Examples include, but are not limited to fingerprint, face recognition, DNA, hand and palm geometry, iris recognition, which has largely replaced retina, and odor/scent.
• Behavioral are related to the behavior of a person. Examples include, but are not limited to typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics for this class of biometrics.

Parameters for Human Characteristic Being Used for Biometrics

• Universality – each person should have the characteristic.
• Uniqueness – is how well the biometric separates individuals from another.
• Permanence – measures how well a biometric resists aging and other variance over time.
• Collectability – ease of acquisition for measurement.
• Performance – accuracy, speed, and robustness of technology used.
• Acceptability – degree of approval of a technology.
• Circumvention – ease of use of a substitute.

Two Modes of Operating by a Biometric System

• Verification – A one to one comparison of a captured biometric with a stored template to verify that the individual is who he claims to be. Can be done in conjunction with a smart card, username or ID number.
• Identification – A one to many comparison of the captured biometric against a biometric database in attempt to identify an unknown individual.

Applications of Biometric Technologies

• Applications of the technology include checking the identity of passengers at borders, checking the identity of entrants at the gate of public events, proving the identity of payments, social security, and others benefits claimants, restricting access to secure premises, checking the identity of voters at polling booths and identifying known criminals.
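
The verification and identification modes defined above, as an added example that is not part of the presentation: a one-to-one check against the claimed identity's template versus a one-to-many search of the whole database. The 256-bit templates, the Hamming-distance threshold, the identifiers and the independence assumption behind the false-match formula are all assumptions made for illustration.

```python
"""Added illustration: 1:1 verification vs 1:N identification on constructed templates."""
import random

TEMPLATE_BITS = 256   # constructed template length (assumption, not from the slides)
THRESHOLD = 0.32      # largest normalised Hamming distance accepted as a match (assumption)


def distance(a: int, b: int) -> float:
    """Fraction of bits that differ between two binary templates."""
    return bin(a ^ b).count("1") / TEMPLATE_BITS


def capture(template: int, rng: random.Random, noise: float = 0.10) -> int:
    """Simulate a fresh capture of the same trait: each bit flips with probability `noise`."""
    flips = sum(1 << i for i in range(TEMPLATE_BITS) if rng.random() < noise)
    return template ^ flips


def verify(db: dict, claimed_id: str, sample: int) -> bool:
    """Verification (1:1): compare the sample only with the claimed identity's template."""
    stored = db.get(claimed_id)
    return stored is not None and distance(stored, sample) <= THRESHOLD


def identify(db: dict, sample: int):
    """Identification (1:N): search every enrolled template and return the closest
    identifier within the threshold, or None when nobody matches."""
    best_id, best = None, 1.0
    for person_id, stored in db.items():
        d = distance(stored, sample)
        if d < best:
            best_id, best = person_id, d
    return best_id if best <= THRESHOLD else None


def false_match_probability(per_comparison_fmr: float, enrolled: int) -> float:
    """Chance that a sample from someone NOT enrolled matches at least one of
    `enrolled` templates, assuming independent comparisons at the same rate."""
    return 1.0 - (1.0 - per_comparison_fmr) ** enrolled


def build_demo(seed: int = 2010, enrolled: int = 1000):
    """Constructed data: an enrolled population, one genuine capture, one stranger."""
    rng = random.Random(seed)
    db = {f"person-{i:04d}": rng.getrandbits(TEMPLATE_BITS) for i in range(enrolled)}
    genuine = capture(db["person-0007"], rng)     # noisy re-capture of an enrolled person
    stranger = rng.getrandbits(TEMPLATE_BITS)     # sample from someone never enrolled
    return db, genuine, stranger


if __name__ == "__main__":
    db, genuine, stranger = build_demo()
    print("verify, true claim  :", verify(db, "person-0007", genuine))
    print("verify, false claim :", verify(db, "person-0008", genuine))
    print("identify, enrolled  :", identify(db, genuine))
    print("identify, stranger  :", identify(db, stranger))
    for n in (1, 10_000, 1_000_000):
        p = false_match_probability(1e-6, n)
        print(f"P(false match) against N={n:>9,} templates: {p:.6f}")
```

Under these assumptions, a per-comparison false match rate of one in a million gives roughly a 63% chance of at least one false match when an unenrolled sample is searched against a million templates, while the same rate in one-to-one verification stays at one in a million.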

Advantages of Biometric Technologies

• More accurate
• More reliable
• More effective
• More confidential
• More convenient
• Would be cheaper: For example, a fingerprint scanner that cost $3,000 five years ago, with software included, and $500 two years ago, costs $100 today.

Status quo of Biometrics in China

Past and Present

• The use of fingerprints in commercial and judicial practices has thousands of years history.
• Starting in 1990s there are 6 major centres for biometric R and D under the support of 863 and 973 focus programmes which funded by the Ministry of Science and Technology of China.

Leading R&D Teams in China

• Biometric Research Center, Hong Kong Polytechnic University
• Center for Biometrics and Security Research (CBSR), Institute of Automation, Chinese Academy of Sciences (CASIA)
• Joint R & D Laboratory for Advanced Computer and Communication Technologies (JDL), Institute of Computing Technology, Chinese Academy of Sciences (CASICT)
• Electric Engineering Dept, Tsinghua University
• Center for Information Research, Peking University
• Center of Forensic Sciences, Beijing Genomics Institute

Technologies Developed

• Face (Visible Light & Near Infrared)
– CASIA
– Institute of Computing Tech, CAS
– Tsinghua University
• Fingerprint
– CASIA
– Peking University
– Many Companies
• Iris
– CASIA
• Palmprint
– Hong Kong Polytech Univ
– CASIA

Application in Olympic Game

• At opening & closing ceremony of 2008 Beijing Olympic Game 100,000 audience passed 100 gates by speedy identity verification with facial recognition systems. (Individual information and a photo were required to provide when audience bought the ticket).

Application in Training Management

• For improving the quality of training for novices and prevent fraud and "street killers", an intelligent driving training management system (biometric device) has been used in Suzhou City since 2008.

Application in Shenzhen Customs

• There are 600,000 passengers who exit from or enter into Shenzhen customs per day.
• After using facial recognition devices, the time of customs checking per passenger is reduced from 13 seconds to 6 seconds.

Significant Biometric Applications

• Governmental
– Self-Service Border-crossing (deployed)
• Shenzhen – Hong Kong Border since June 2005
• Zhuhai – Macau Border since April 2006
– Biometric E-Passport (on-going)
• Enterprise: Time attendance and access control
Finger, Face, Iris, Palm
• Consumer products
Face Logon – on notebook PC
Finger Logon – on mobile phone, PC
Finger Lock

Demands Increasing

• Demands from
– social security: finger and facial recognition may prevent false claims for pensions (养老金) and subsistence allowances (低保金) (Ministry of Social Securities).
– public security: among 250 millions output values of biometric products more than 40% are used in public security and police.
– finance departments: prevent fraud and false claims in finance. And,
• If the government decides to use biometric identification cards and passports, it would be a huge demand.

Future Prospect

• There are near 200 enterprises which join the R&D and marketing of biometric products, and the output values in market is near CNY 300 millions yuan.
• China would be great market for biometric products and important provider of biometric technologies as well.

Challenges

• no national standards for biometric products and applications
• almost no public discussion on ethics, policy and governance issues of the application.
• lack of privacy law, traditionally lack of the privacy awareness:
If you have something that you don't want the other people to know, you should not do it in the first place. ---Natasa Pirc Musar
若要人不知, 除非己莫为. ---中国格言 (Chinese proverb)

Case of “Data Gate”

• In 2008 the hot topic was the case of Amorous Photo (Amorous Photo Gate 艳照门).
• In 2009 the case of Data Gate (资料门) became the most concern in mainland China according to CCTV news reported on 2 January;
• One Network Advertising Company in mainland claim to provide a free trial software on the computer of property management office for facilitating communication between this office and owners. The all owners’ detailed personal data was transferred to the company's server within one minute when they install this software;

Case of “Data Gate”

• Shenzhen branch of the company collected these data and its Beijing branch sold it. It led to serious harassments, blackmails and even crimes.
• There are also black data market in China. At internet some claim they have 65,000 stockholders data could be sold with the price 3000 yuan, about 40,000 bosses' mobile number could be sold with 200 yuan, and detailed data of 600,000 car owners in Guangzhou could be sold with less than 2000 yuan.
• All kind of personal data could be sold! Privacy protection has emerged as a grave issue of public concern.

Ethical Concerns

Privacy

• Physical or mental characteristics or conditions might be deducible from biometric measurements.
• The most significant privacy concerns raised by biometrics relate to the threat of “function creep”, by which the original purpose for obtaining the information is widened to include the purposes without the informed and voluntary consent of the participants.

Stigmatization and Discrimination

• Recent scientific research suggests that biometric features can per se disclose medical information. Certain chromosomal disorders – such as Down’s syndrome, are known to be associated with characteristic fingerprint patterns in a person.
• Thus, biometrics might become not only an identifier, but also a source of information about an individual.
• And future and likely use of genetic test information and DNA profiles in biometrics bear many risks of discrimination and the multiplication of compulsory testing procedures.

Stigmatization and Discrimination

• Various groups, including the elderly and disabled faces the risk of discrimination.
• Fingerprints become less readable with age, while those who are visually impaired or have a limb missing may not be able to provide the requisite biometric data; and severe pain and serious injuries may prevent some patients in emergency wards from providing biometric characteristics.

Dangers to Owners of Secured Items

• When thieves cannot get access to secure properties, there is a chance that the thieves will assault the property owner to gain access.
• If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property. For example, in 2005, Malaysian car thieves cut off the finger of a Benz owner when attempting to steal the car.

Lose Identity

• Some worry that today’s citizens will become biological data, as name, age, address and other traditional identifying characteristics are replaced by biometrics which could be used by companies and governments alike.
• On the other hand, many people in developing countries do not possess any documents with which they can prove who they are. These people are already vulnerable on account of their poverty, and the fact that they are unable to provide evidence of their identity makes it difficult to empower them.

Unease & Worry (1)

• Taking the fingerprints of staff is not likely to improve morale - they might feel their superior is looking over their shoulders - and the associations with criminality worry a surprising number of people.
• A huge database containing this sort of personal information would unnerve staff. If such a system were to be compromised, the results could be devastating.
• Worry on the possibility of infectious diseases to be transmitted via fingerprint-scanner devices.

Unease & Worry (2)

• One advantage of passwords over biometrics is that they can be re-issued. If a password is lost or stolen, it can be cancelled and replaced by a newer version. This is not naturally available in biometrics. If someone’s face is compromised from a database, they cannot cancel or reissue it.
• There are ways to cheat the technology. Artificial devices could be used for mimicry, and the reliability of data is dependent upon the source that provided it. Biometric identification could be fooled by a latex finger, a prosthetic eye, a plaster hand, or a DAT (digital audio tape) voice recording.

Public Concerns

• Furthermore, public concerns about the use of biometric technologies may focus on:
- The pervasiveness of a technology which many people do not understand.
- The lack of transparency of the work of biometric technologies and its effects on individuals and society.
- The difficulty of respecting privacy and confidentiality when third parties may have a strong interest in getting access to biometrically recorded and stored personal data.
- The difficulty in ensuring the security of shared personal data.
- The lack of adequate infrastructure which may reinforce existing inequalities.

Ethical Governance

Ethical Governance (BIONET)
European Commission F6

The concept of ethical governance arises from our understandings of the ways in which a governance system can be made both practical and just, in diverse historical, cultural and normative contexts. The following aspects define ethical governance in particular:
• Rule of law
• Transparency
• Accountability
• Respect for human rights
• Public engagement, and so on

What do We Need?

• We need an ethical framework for evaluating any conduct which will be taken in biometrics R&D and its application.
• This framework will be formed by a set of principles of ethical governance, the set of principles is also core values shared and committed by stakeholders who engage in biometrics R&D and its application.

Principle 1

• Fundamental purpose of biometric R&D and its application is to promote well-beings and quality of life of people with safer, more effective, and more advanced science/technology (以人为本, take people as the foremost).
• Biometric technologies should be used solely for legal, ethical, and non-discriminatory purposes (International Biometric Industries Association, 1999).
• Any action in biometrics should be evaluated on the principles of beneficence and non-maleficence serving as a basis for the attempts to weigh anticipated benefits against foreseeable risks.

Principle 2

• Biometric R&D and its application should maintain high standards of responsible research, i.e. adhering research integrity and committing safeguarding and protecting people’s rights and interests.
• “They are therefore committed to the highest standards of systems integrity and database security in order to deter identity theft, protect personal privacy, and ensure equal rights under the law in all biometric applications” (Mintie D, 1999).

Principle 3

• Conflict of interest between professionals, companies and users in biometric R&D and its application should be properly handled. In any case people’s (vulnerable in particular) well-being cannot be compromised for the interests of professionals or companies.

Principle 4

• Respect for persons, mainly respect autonomy serve as a basis for requirements of self-determination. The principle of informed consent must be adhered. In case of re-use of personal information for another purpose different from the purpose when enrolment, consent has to be sought.

Principle 5

• Human dignity serves as a basis for requirements of privacy, confidentiality and medical secrecy. It requires us not only to not infringe upon individual right of privacy/confidentiality, but also to do our best to prevent improper or illegal disclosures of private information.

Principle 6

• Justice serves as a basis for requirements of equitable distribution of limited resources, and prevention of possible stigmatization and discrimination due to improper disclosure of individual information.

Principle 7

• Solidarity serves as a basis of the right for everyone to enjoy the benefits from biometrics R&D and application, with a special concern for vulnerable groups in society.

Principle 8

• Transparency requires biometrics R&D and its application should be made transparent to the public, i.e. taxpayers, and help them to know what is biometrics and what are the benefits and risks from its application.

Principle 9

• Public engagement requires us to take measures (such as the dialogue between biometrics professionals and the public or its representatives, NGO) to facilitate public understanding of biometrics and lead to public “consultation”, “engagement” or “involvement” in the process of biometrics R&D and its application.

Good Governance (善治)?

There are three popular opinions in China for a good governance:
1. Develop (pollute) first, and govern second. (good governance?)
2. Scientists only concern R&D, government and enterprises only concern investment, the public only concern enjoyment/consumption, and the humanists/social scientists only concern comments with hindsight (马后炮). (good governance?)
3. Governance should accompany development at initial stage and all stakeholders including government, scientists, engineers, humanists and social scientists, lawyers, businessmen, and the public need engagement in the governance from the very beginning. (good governance)

Thank you very much for your attention

Welcome to the 3rd International Conference Ethics and Policy of Biometrics & International Data Sharing

3rd International Conference Ethics and Policy of Biometrics and International Data Sharing Hong Kong, 4-5 January 2010

Blair Stewart, Assistant Privacy Commissioner


International Standards on the Protection of Personal Data and Privacy “the Madrid Resolution”

Appropriate deployment of technology

Border control

Privacy Impact Assessment

Prime Minister John Key was the first person in New Zealand to use the SmartGate system.

Designing privacy into technology

International Standards on the Protection of Personal Data and Privacy “the Madrid Resolution”

Data Protection Regulation

Legislative & Ethical Questions Regarding DNA and other Forensic “Biometric” Databases

Dr. Elazar (Azi) Zadok, Police Brig. General (Ret.)
Director, Forensic Science Division, Israel Police
The 3rd International Conference on Ethics and Policy of Biometrics and International Data Sharing
Hong Kong, January 4-5, 2010

Forensic Science in the 21st Century: General Considerations

Locard Principle (1904):
* “Every contact leaves a trace”
* “Physical evidence never lies and is never wrong or absent. It’s the investigator who fails in locating, studying and understanding it”

The Role of Forensic Science

Forensic science deals with:
* Identification: drugs, explosives etc.
* Comparison of physical evidence from a crime scene with reference materials, leading to suspect/scene or scene/scene connection.

The chance of a case, having any forensic evidence in it, to reach court and get a conviction is higher by 50%, as compared to case without any forensic evidence.

The Role of Forensic Databases (I)

In absence of forensic databases:
* Only 1:1 comparisons (scene/suspect or scene/scene) can be achieved.

Forensic databases allow:
* Identification of suspects without their physical apprehension (1:many comparisons).
* Detection of forged identities of individuals.
* Generation of valuable forensic intelligence.

The Role of Forensic Databases (II)

Manual forensic databases:
* “Hit” generation ability depends on sorting techniques and operator’s skills.

Computerized forensic databases:
* Allow compilation of huge amounts of information.
* Automatically searched.

Efficiency of the Database is a Function of its Size & Relevance.
Experts are always needed to confirm “hits”.

Information Included in Forensic Databases:

Crime Scenes:
* Biological evidence.
* Other physical evidence found on the scene.

People (suspects, accused):
* Biological characteristics.
* Items possessed by or connected to them.

Reference materials:
* Unrelated items needed for sorting/identification of other evidence.

Types of Forensic Databases

Almost any type of forensic evidence can generate a database

Human traits:
* Photo-album
* Finger (& palm) prints
* DNA
* Voice & speech
* Physical characteristics
* Odontological data
* Others (handwriting, iris etc.)

Physical evidence:
* Shoeprints
* Firearms (cartridges & bullets)
* Tool-marks
* Fibers & polymers
* Chemical substances (drugs, explosives, flammable materials, GSR, poisons etc.)
* Documents

Forensic DNA Databases:

Human rights confinement OR Protective shield for the society?

Forensic DNA

* Forensic DNA was introduced by Prof. Jeffries in the U.K. in 1985.
* The first DNA profiles’ database was created in the U.K. in 1995.
* The FBI possesses the largest DNA database (more than 7M profiles, CODIS)
* The U.K. database (NDNAD) contains more than 4.5M profiles (6.5% of the population)

Legislative & Ethical Issues Concerning Forensic DNA Databases (I)

DNA Database is Different:
* DNA sample contains sensitive individual genetic information.
* Might non-coding regions used today for identification have genetic meaning in the future?

Legislative & Ethical Issues Concerning Forensic DNA Databases (II)

Inclusion & Deletion Criteria:
* Types of offences: severe crimes only; recidivistic nature; all recordable offences
* Populations: convicts only; suspects; arrestees; volunteers
* Deletion conditions: acquitted; not charged; volunteers
* Time period for deletion

The U.K. NDNAD: Achievements….

4/01-10/09 statistics
* Total No. of crime scene matching subjects on database: 3333335,545
* Murder/attempted murder matches: 2,163
* Rape crime scenes matches: 443414341,341

The U.K. NDNAD: …On the expense of

* 4,762,033 individuals retained (as of 16/10/09; >6.5% of population)
* 37,515 (0.8%) sample profiles retained from volunteers
* ~16% duplicate records
* Includes: 40% of black men; 13% of Asian men and only 9% of white men
* ~6% of profiles of under-18s
* Includes 0.8-1M people who have never been charged or convicted

The U.K. NDNAD: The case of S. and Marper vs. the U.K.

From ECHR Decision:
“…the practice of retaining DNA and fingerprints of anyone arrested but not charged or convicted in England and Wales was a violation of the ‘right to respect for private life’ under Article 8 of the ECHR” (December 2008)

The U.K. NDNAD: The case of S. and Marper vs. the U.K.

Home Office response (May 2009):
A consultation paper issued: “Keeping the Right People on the DNA Database: Science and Public protection”

Proposed DNA retention rules:
* Convicted adults- indefinite
* Unconvicted adults- 6/12 years
* Unconvicted 16-17s- 6 years for serious offence, 3 Years for minor offence
* Volunteers- deleted from database

Legislative & Ethical Issues Concerning Forensic DNA Databases (III)

Retention & further use of DNA samples/profiles:

Issues for consideration:
* “Function creep” in research
* “Genetic Criminology”
* Database updating due to future technological developments
* Interchange of information between different DNA databases

Legislative & Ethical Issues Concerning Forensic DNA Databases (IV)

Other issues:
* Familial searching
* Abandoned DNA
* Population-wide DNA database
* Professional expertise:
  - Lab performance & accreditation
  - Results interpretation

Legislative & Ethical Issues concerning Forensic DNA Databases (V)

DNA dragnets (intelligence-led mass screenings):
* Considerations: ethnical; geographical; others
* “Stand alone” or intelligence based operation
* Community cooperation
* Cost effectiveness relative to other means

Society welfare & privacy rights: can these be properly balanced?
Anat Fliner murder case

Legislative & Ethical Issues concerning Forensic DNA Databases (VI)

DNA of volunteers:

* Definition: people who might be connected to the crime are asked to submit DNA sample for elimination purposes (not as suspects).

* Issues for consideration:
  - Type of consent (limited; comprehensive)
  - “Informed” consent
  - Revoking the consent
  - Fate of samples & profiles of volunteers

Society welfare & privacy rights: can these be properly balanced?
Anat Fliner murder case

* 500 people were sampled in a DNA dragnet.
* All of them signed a limited consent form, allowing the use of their profiles for the murder investigation only.
* DNA lab expert recalled a relatively rare combination of alleles, similar to one of the volunteers, in another serial rapes case.
* The full profile of the volunteer matched perfectly, revealing the serial rapist identity.

Society welfare & privacy rights: can these be properly balanced?
Is this DNA evidence admissible in court?

YES - The “Public safety” model:
Criminal justice system should:
* Fight crime & criminals
* Defend public & victims safety
* Find the truth
* Convict & punish criminals
Only the reliability of the evidence itself matters

NO - The Exclusionary model:
Based on “the fruit of the poisonous tree” doctrine:
Evidence obtained by defective or unlawful means or processes should not be used against the accused, in order to:
* Strengthen public trust in law enforcement system
* Avoid breaching rights of suspects

Society welfare & privacy rights: can these be properly balanced?
Is this DNA evidence admissible in court?

The “fruit of the poisonous tree” doctrine does not automatically hold.

Criteria for admissibility of evidence to be decided by court on a case to case basis:
* “The use of improper investigation methods intentionally and deliberately or in good faith”
* “An urgent need to protect public safety”
* “The degree to which the illegal or unfair investigation method affected the credibility of the evidence obtained”.

Judge argumentation for admitting the evidence in court (I):

* There is always a conflict between the private interest or right violated on one hand, and the public interest in using the evidence as part of the struggle for law enforcement and putting criminals to trial on the other hand.

Society welfare & privacy rights: can these be properly balanced?
Is this DNA evidence admissible in court?

Judge argumentation for admitting the evidence in court (II):

* It is unacceptable that the police and attorney general will stand unarmed in front of such a suspect, having an excellent evidence to prove his guilt, but not having the ability to charge him only because of a virtual damage to his privacy.

Judge argumentation for admitting the evidence in court (III):

* In this case, the accused privacy violation is not comparable to the damage to the public and law enforcement that could result in not having him put to trial.

Summary and Conclusions

• Modern forensic science combined with comprehensive biometric databases form a powerful tool in the hands of law enforcement agencies.

• In many circumstances, problems related to privacy and human rights breaching may arise.

• In many countries, legislators’ attitude towards DNA databases is changing, from both extremes, towards a much more balanced one: Inclusion of convicts in all felonies, but restriction of the retention and use of data concerning legally innocent populations.

• Every conflict should be resolved either by legislation or in court. There is no single solution for all cases.

• Government should create an appropriate public atmosphere, ensuring correct balance between human rights and law enforcement.

Thank you for your attention

Ir. Dr. Raymond Wong
Mr. Wilfred Tan

Agenda
• B.I.?
• Biometric Identity
• Solution
• Issues

Copyright © 2009-2010 Ir Dr. Raymond Wong. All Rights Reserved.

What Is B.I.?

Agenda
• B.I.?
• Biometric Identity
• Solutions
• Issues

Biometric

Biometrics for Identification?

WILFRED TAN

Identity Management

GOVERNMENT
Requirements of Travel Documents
• ICAO
• EU

Completely False Identity … but genuine Passport

Agenda
• B.I.?
• Biometric Identity
• Solutions
• Issues

TRUSTED IDENTITY / IDENTIFICATION

An Example In Hong Kong

Agenda
• B.I.?
• Identity Vs Identification
• Solution
• Issues

Biometrics for
1. Identity, then
2. Identification

Solution?

Breeder Documents

• Certainty
• Clarity
• Cogency

Certainty

Acceptable Application

Agenda
• B.I.?
• Identity Vs Identification
• Solutions
• Issues

DNA Information

In conclusion … B.I. is as simple as

Issues:
• Consent
• Shared use
• Twins
• Simple Application
• Others

Responsibility
Government? ICAO?

Thank you

[email protected] [email protected]


Privacy and Data Protection for Social Networks

3rd International Conference
ETHICS AND POLICY OF BIOMETRICS AND INTERNATIONAL DATA SHARING
Jan 4 ~ 5, 2010
BioID AG – Ho Chang

Social Networking

Objective:
• To build a community based on common interests & activities

Usage:
• Communication
• Meeting people
• Self-expression

Means of communication:
• Posting, News Feed, Notification, Chat, eMail, etc.

© BioID AG 2010

Social Networking – Be Recognized!

• Profiles created with selected personal information & interests:
  • To search or view the profiles of other users
  • To connect with old friends
  • To make new ones
• In a social network, you want to be “recognized”!

Contact Profiling

• Family
• Friends
• Colleagues
• Business
• etc

Data Classification

• Basic Information
• Personal Information (Interests, Activities, Favorites)
• Birthday
• Contact Information
• Education and Work
• Religious and Political Views
• Family and Relationship
• Photos and Videos of Me
• Photo Albums

Public Data vs Private Data

• A user decision!
• Assumption: The contacts are who they claim they are!

Public Data
Private Data
Shared with:
• Family
• Friends
• Colleagues
• Business etc.

Social Networking Today

• Huge member base
• Mostly operate on the “honor system”
• Usually require real name & age to open only one account
• Many provide API for 3rd Party Applications

The Problems

• No verification of user identity
• Little or no traceability in case of a serious complaint
• Anonymity & physical distance lead to a false sense of security

The Risks – To Users

• Excessive information could be compromised
• Personal data could be stolen
• Lead to spam
• Lead to abuse on user profile
• Lead to identity theft or physical harassment

The Risks – To the Service Providers

• Liabilities
• Can be misused for malicious purposes
• A magnet for unscrupulous people

Privacy & Data Protection

Who are responsible for the privacy and data protection?
• Users?
• Service Providers?
• Government?

How about a “Social ID”?

A Possible Framework?

An infrastructure based on existing technologies and standards:
• A multi-factor user authentication which is familiar to users
• Technologies which can be readily adopted by service providers
• Technologies with industry standards
• Smart Card + Biometrics + PKI

What is a “Social ID”?

• A “Social ID” can be:
  • simply an ePassport, or
  • a National ID with digitally signed ICAO biometric templates, or
  • a Smartcard with digitally signed ICAO biometric templates
• A “Social ID” consists a private key
• A “Social ID” does not require a DB
• A “Social ID” is supported by the industry
  • e.g. PC, USB webcam

How does it work?

• “Social ID” user authentication:
  • is a strong multi-factor user authentication
  • can be user-initiated over the web
  • can be self-authenticated locally
• “Certified Users”
  • Users who log on to the social network with a “Social ID”
• Users provide public key only to “Certified Users”
• “Private” information is encrypted using the private key
• “Private” information can be viewed by users with the corresponding public key

Conclusion

• Privacy and Data Protection is possible for social networking!

• Increase of consciousness of privacy and security through the use of biometrics and PKI in social networking

Thank You!

Building a New Ecosystem for Cyber Security & Data Protection
India

Vinayak Godse
Sr. Manager- Security Practices, DSCI
3rd International Conference ICEB 2010
4th–5th Jan 2010

Indian Economy: becoming e-economy

Continuing story of growth

Increased thrust on e-Governance
• About $ 10 billion investment
• Mission mode projects- Income Tax, MCA21, Passport, UIDA etc
• Government@ 24 x 7

e-Commerce growth- 30 %
• Travel, downloads & e-tailing
• Becoming an important driver of Internet

Mobile
• More than 490 million subscribers
• Cross 1 billion by 2014

Internet Penetration
• Low at 7.1 %, will be 3rd by 2013 (Forrester)

Outsourcing industry
• $ 225 billion by 2020 from current $ 50 billion

Internet is replacing other channels to execute banking transaction
• About 100,000 railway e-Tickets by IRCTC
• Retail epayment likely to grow by 70 %, $ 180 billion by 2010
• E-transaction currently account for 37 % total transactions. However, total 75 % payment value in electronic
• Card circulation (credit & debit) will hit 210 million by 2010
• Mobile banking transaction allowed, and expected grow faster

Cyber security and data protection is critically important for securing growth of Indian economy

A NASSCOM® Initiative

E-economy: Rising concerns of end users

• Transformation from Joint to Nuclear family structure
• Fast climbing individualism ladder
• New emerging segment: 25-35 years
• Increasing usage of Internet services
• Emergence of personalize services
• Improved understanding about security and privacy in cyber space

• Annoyance over telemarketing calls & messages
• Increased awareness of personal information being collected
• Rising concerns over computer & internet security
• Media coverage of national & international data breaches
• Increased exposure of IT/ITES industry to global data protection regulations

An ecosystem for cyber security and data protection

Legal Framework
• Competent legal model for security and privacy?
• Current legislative ecosystem understand new age complexities?
• Special legislation for governing Information Technology?
• Benchmark or conform with international practices

Government Initiatives
• Government proactive in policy enablement?
• Investment and attention to increasing challenges?
• Programs, initiatives and partnership with industry, academia and other stakeholders?

Important Projects
• Flagship projects that affect cyber space and privacy?
• Their status and likely benefits?

Industry Initiative
• Industry is participation and collaboration?
• Special purpose mechanisms established?

Law Enforcement
• Law enforcement effective enough?
• Initiatives for the improvement?

India- Data Protection & Privacy Legal Model

A Spiral of Myths
• No supportive legislation
• No special legislation
• No Constitutional guarantees
• No Conformity with OECD, EC, APEC etc
• No data protection & privacy legal model

Data Protection & Privacy Model

Fundamental Rights (Art.21)

Supportive Legislation(s)
• The Indian Penal Code, 1860
• The Indian Telegraph Act, 1885
• The Indian Contract Act, 1872
• The Specific Relief Act, 1963
• The Public Financial Institutions Act, 1983
• The Consumer Protection Act, 1986
• Credit Information Companies (Regulation) Act, 2005

Special Legislation(s)
• The Information Technology Act, 2000
• The Information Technology (Amendment) Act, 2008

International Conventions
• International Covenant on Civil and Political Rights, 1966
• Universal Declaration of Human Rights, 1948

Ref: Vakul Sharma, Advocate, Supreme Court

IT (Amendment) Act, 2008

• New definitions include ‘communication device’, ‘cyber café’, ‘cyber security’, ‘electronic signature’, and ‘Indian Computer Emergency Response Team’, and ‘intermediary’.
• Intermediaries: Chapter XII on network service providers has been renamed as “Intermediaries not to be liable in certain cases”
• Data protection new section 43A; existing section 43 strengthened source code
• Penalty for breach of confidentiality and privacy: new section 72A
• Cyber crimes: new sections for 66A to 66F; 67A to 67C – unauthorized access, offensive messages, identity theft, impersonation, violation of privacy, and cyberterrorism; transmitting obscene material, child pornography
• Interception and blocking: 69A and 69B
• Retention and preservation of traffic data and information by intermediaries, and other computer resources– 67C, 69B
• Critical information infrastructure protection – sections 70A and 70B on a nodal agency, and for CERT-In to respond to incidents including notifying breach of incidents
• Electronic contract formation: Section 10A provides for validity of contracts formed through electronic means.
• Encryption: Section 84 A enables the central government to prescribe the modes or methods of encryption for secure use of the electronic medium and for promotion of e-governance and e-commerce

IT Act (Amendment) 2008- Sections 43A and 72A

• New Section 43A: Data protection has now been made more explicit through insertion of a new clause 43A that provides for “compensation to an aggrieved person” whose personal data including sensitive personal data may be compromised by a company, during the time it was under processing with the company, for failure to protect such data whether because of negligence in implementing or maintaining reasonable security practices
• Section 72 A: Penalty for breach of confidentiality and privacy: - punishment for disclosure of information in breach of a lawful contract is prescribed

explicit new clause 43 A – for Data Protection-
• “Compensation to an aggrieved person” whose personal data including “sensitive personal data” may be compromised by a company
• Compromised because of “negligence in implementing or maintaining reasonable security practices”

72 A-
• “Punishment for disclosure” of information in breach of a lawful contract
• “Disclosure without the consent” of the subject person “will constitute a breach”

IT (Amendment) Act, 2008

IT Act and amendments include provisions on digital signatures, e-governance, e-commerce, data protection, cyber offences, critical information infrastructure, interception, cyber terrorism…etc.

‘Avoiding legal Multiplications’
….45 U.S. Federal enactments
….About 598 U.S. State enactments
….16 UK enactments

Government Initiatives
• CERT-In: Legal entity, nodal agency for incident response
• Department of IT: Policy enablement and regulations
• Threat monitoring, response planning, incident tracking
• Critical infrastructure protection
• Guidelines, standards, testing, security drills and certification
• Awareness: outreach & awareness, survey, security portal, training
• Collaboration: work with industry, international CERTs, network of security & privacy professionals, and academia
Important Projects
• UIDAI- primarily for economic benefits, will contribute to securing transactions
• NATGRID- Intelligence grid, transaction monitoring
• CCTNS- Networking all police stations in the country
• DFS- Director of Forensic Science, under Ministry of Home Affairs
 – CFSLs- 3 Central Forensic Labs
 – GEsQD- 3 Examiner of questioned document laboratories
 – SFSLs- 28 State Forensic Labs

Industry Initiatives
IT Services Industry / IT Industry
• Securing client data
• Contributing to growth of security profession
• Providing security solutions
• Presence of all major security vendors
• No dearth of security skills
• Preferred destination of security research
• Niche security players
Industry Initiative
• NASSCOM 4 E Framework
• Setting up Data Security Council of India
• Cyber Labs: NASSCOM DSCI initiative for training of law enforcement
• National Skills Registry
• Cyber Labs

Data Security Council of India
• “Connected Endeavour”
 – Industry + Government + clients + international bodies + knowledge sources
• “Continuous Engaged” for the cause of data protection
• Building “Ecosystem for enhanced security and privacy” culture
• Proactive role for “policy enablement” that affect ICT
• “Collaborate” with multi-stakeholders and interest groups at national and international forums
• Approaches, “Frameworks and Practices” to align security and privacy practices to recent trends
• “Repository of knowledge” and content for benefit of industry

DSCI- Data Protection Practices
DSCI Security Framework (DSF©)
• 16 Best Practice areas
• Based on ISO 27001
• Draws upon the tactical recommendations
• Takes note of new approaches, technology and tactical mechanisms evolved
[Diagram labels, DSCI Security Practices: DSC, PES, PEN, TSM, SAT, MIM, TVM, UAP, BDM, INS, APS, SCM, SSP, SEO, ASM, GRC]
DSCI Privacy Framework (DPF©)
• 9 Best Practices and 12 Privacy Principles
• Privacy Policy Guidelines
• Privacy Impact Assessment
[Diagram labels, DSCI Privacy Practices: PIS, IUA, MIM, PAT, POR, RCI, VPI, PPP, PCM]

DSCI- Data Security & Privacy protection
Set up by NASSCOM as a non-profit company
Outsourcing
• Low-cost resources
• Quality & diversity
• Scale up & expanding
Objective
• Consistent data security
• Security at Affordable cost
• Privacy for customer confidence
Establishment of rules & standards
Promote ethics, quality and best practices
• Self-Regulation: Adoption of best global practices
• Independent Oversight:
• Focused Mission:
• Enforcement Mechanism:

National Skills Registry: Ensuring Personnel Security
• Database of pre-verified resumes.
 – Data ownership with IT Professional.
 – Fingerprint for unique identification.
• Subscriber
 – Pool of country’s IT Skills
 – Safer & Efficient Recruitment
 – Standard Verification Process
 – Cost & Time Saving
• IT Professionals
 – Reduced Recruitment Time
 – Transparent Verification Process
National Level initiative for Personnel Security- Central database
• Identity assurance: One person – One Profile, Finger prints of professionals
• Web based secure interface
• Technology platform connecting Companies – Professionals – Background Checkers
• Factual and objective data- source confirmation
• Data ownership & Privacy
• Deterrence for professionals faking details
• Standard Processes and reporting
70 large employers have pledged to recruit through NSR
Current Status
• Enrolments till Dec, 2009: 561,000
• Fingerprinting: 344,000

Law Enforcement: Tackling of new age crimes
• “Lack of reporting” by individuals, commercial organizations due to fear of adverse publicity and loss of reputation and share prices
• “Transnational nature” and the associated “jurisdictional problems” that contribute to the complexity of investigation
• “30 million policemen” to train apart from 12,000 strong Judiciary
• “Delay in investigation and prosecution” affect the spirit of bringing criminal to justice
Cyber Crime Case Investigation
• The 7 stage continuum of a criminal case starts from perpetration to registration to reporting, investigation, prosecution, adjudication and execution.

Law Enforcement: Tackling of new age crimes
• Separate authority for Critical Infrastructure protection
• CERT-In- nodal agency for Incident management
• Cyber Appellate Tribunal
• Delegation of investigation power to lower level officer
• Cyber Forensic Labs
• Cyber Crime Investigation Cells.
• Cyber Police Stations major Cities
• C-DAC: Home grown forensic tools
• Awareness Programs
• NASSCOM-DSCI Cyber labs: training of law enforcement officials
Rationalization of Internal Security Department
• National Intelligence Grid (NATGrid)
 – Connecting more than 21 public databases
 – Quick and secured access to desired information
 – Store, digest and disseminate actionable information
• Crime and Criminal Tracking Network and Systems (CCTNS)
 – Connecting 14,000 police stations
 – Central visibility of crime records

Thank You

Protected biometrics for Identity Trust
RISE - Awareness of Biometrics and Security Ethics
By Nicolas DELVAUX [email protected]
Hong-Kong, 5th of January 2010

SAFRAN AT A GLANCE

An international high technology group
• More than 12 billion Euros sales in 2007 (At December 31, 2007)
• 58,200 employees in over 30 countries (At September 30, 2008)
• Three branches of activity:
 - Aerospace propulsion
 - Aircraft equipment
 - Defense Security

Sagem Sécurité: worldwide leading positions
• Multi modal biometrics solutions
• ID solutions
• Biometric terminals (access control)
• Automated fingerprint identification systems
• Secure ID documents including biometric features (passports, H&ID cards, driving licenses)

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010. INTERNAL DOCUMENT - Marketing Team / 22 May 2010

Agenda

1. An Identity use case - from Passport to e-Passport: a short survey

2. Identity : a new field for organised crime

3. Biometrics for identity : strategies for trustworthy framework

4. Conclusion


An Identity use case - from Passport to e-Passport: a short survey

Travel document : passport usage

• Process for identity verification:
 1. To authenticate the travel document: issuer, securities, etc…
 2. To check document personalisation
 3. To check the link between document data and holder
• Major identity issues
 • Fake travel documents
 • Genuine travel document with fraudulent personalisation
 • Stolen travel document with photo substitution
 • Impostor using similarity with the genuine travel document holder

Challenging issues for checking process

[Images: Genuine document; Facial similarity]

Identity on e-Passport: more authentication factors

ICAO 9303 introduces major updates
• Electronic: to authenticate the genuine travel document and information consistency by electronic signature
• Biometrics features: face (M), fingerprint and iris to link the document and the holder

To be: biometrics
To know: PIN
To have: token

Identity : a new field for organised crime

Biometric authentication

• Biometrics technologies are not restricted to law enforcement
 • Since 90’s: large scale civil application for civil registry, welfare, etc.
• Need for ID fraud prevention
 • US: $50 billion / year (source: Javelin Strategy & Research Survey – 2007)
 • UK: £1.7 billion / year (source: 2006 Home office report)
 • France: € 6.2 billion / year for welfare organizations; € 474 million for 212,762 victims in 2008 (source CREDOC, June 2009)

Biometrics as Security Enhanced Technology for Identity

• Identity management is a security target for the future
• Biometrics: individual authentication or identification based on physiological / behavioral traits of individuals
• Many modalities : fingerprint, face, iris, vein, DNA..
 • Different performances and no « silver bullet » modality or technology
 • Common characteristics: Universality, Uniqueness, Permanence, Collectability
• At any stage, use of biometrics can potentially raise privacy & security concerns:
 • Misuse / Abuse, breach, function creep
 • Collected without consent: collected from a trace, from a data base,
 • Nobody can revoke his/her biometrics
• Protection schemes are essential!

Biometrics protection issues

[Figure: ISO/IEC JTC1 SC37 Reference Architecture with attacks marked. Subsystems: Data Collection, Signal Processing, Data Storage, Matching/Comparison, Decision, Transmission. Flows: Enrolment, Verification, Identification.]

Biometrics for identity : strategies for trustworthy framework

Biometrics protection: technological approaches

Secure token
• Pros: an evaluated solution
• Cons: what happens when token is cracked?
Cryptography
• Pros: reliable solutions
• Cons: ready for all your life
Multi-modalities
• Pros: statics and dynamics mixture
• Cons: increase complexity only
Crypto-biometrics
• Pros: revocability capability
• Cons: accuracy & irreversibility

An implementation on bio-encryption

• Fingerprint biometry
• Multivendor interoperability
• Generation of identities based on the same fingerprint: multiple + revocable protected pseudo identities
• Identities are not invertible
• Needs more developments
[Diagram: Minutiae (Vendor A) and Minutiae (Vendor B) → Template protection → Hash → ID1, ID2, ID3]

Biometrics protection: Legal Approaches

EU: legal Data Protection framework principles:
• Directive 95/46 on personal data protection
• National transposition in (27) laws
• In most MS: no specific provisions on biometrics
• Some MS: biometric data as « sensitive data » or only when reveal racial, ethnic origins or health
Solution providers in EU
• Depending MS: from prior authorisation to simple notification
• Interpretation by DPA: “PROPORTIONALITY PRINCIPLE”
• Systematic warnings about biometrics databases
• Deployment discrepancy & different identity management
 • different perceptions
 • different level of trust
Needs of dedicated legal decision
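An added sketch (not from the presentation and not Sagem's implementation) of how multiple, revocable pseudo identities can be derived from one fingerprint. It uses a BioHashing-style seeded random projection as a stand-in for the slide's "template protection + hash" step; the fixed-length feature vector, the secret strings and the 25% threshold are assumptions, and real minutiae sets would first need an alignment-free encoding.

```python
import random

def pseudo_identity(features, app_secret, n_bits=128):
    """Derive a binary pseudo identity from a fixed-length feature vector.

    Each bit is the sign of the features projected onto a random direction
    generated from app_secret, so only sign information is ever stored.
    """
    rng = random.Random(app_secret)   # the secret selects the projection
    bits = []
    for _ in range(n_bits):
        direction = [rng.gauss(0.0, 1.0) for _ in features]
        dot = sum(d * f for d, f in zip(direction, features))
        bits.append(1 if dot > 0 else 0)
    return bits

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def same_person(enrolled_id, probe_id, max_fraction=0.25):
    """Accept when at most max_fraction of the bits differ (sensor noise)."""
    return hamming(enrolled_id, probe_id) <= max_fraction * len(enrolled_id)

# Constructed sample data: a 32-value vector standing in for features of one
# finger, a noisy re-capture of it, and another person's finger.
_rng = random.Random(2010)
FINGER = [_rng.gauss(0.0, 1.0) for _ in range(32)]
RECAPTURE = [f + _rng.gauss(0.0, 0.05) for f in FINGER]
OTHER_FINGER = [_rng.gauss(0.0, 1.0) for _ in range(32)]

def demo():
    s1, s2, s1_new = "service-1/v1", "service-2/v1", "service-1/v2"  # hypothetical
    id1 = pseudo_identity(FINGER, s1)
    return {
        "genuine_recapture": same_person(id1, pseudo_identity(RECAPTURE, s1)),
        "other_person": same_person(id1, pseudo_identity(OTHER_FINGER, s1)),
        # ID1 vs ID2: same finger, different secret, must not be linkable
        "linkable_across_services": same_person(id1, pseudo_identity(FINGER, s2)),
        # revocation: re-enrol under a new secret, the old ID stops matching
        "old_id_valid_after_reissue": same_person(id1, pseudo_identity(FINGER, s1_new)),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Keeping only sign bits is what trades accuracy for irreversibility, the "Cons" listed for crypto-biometrics. The per-service secret has to be protected like a key, because the stored bits are only unlinkable while it stays private.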


Principles of proportionality: use cases

Biometrics database: submitted to DPA decision?

Time attendance Access control in sport stadium

Access control in swimming pool At school (Fingerprint)


Conclusion

Identity is a major value in society

To demonstrate Identity:
• Travel document: authentication factors by a token
• Need of an additional authentication factor: biometrics modalities
• Long-term mechanisms for a worldwide trust

Needs of technical and legal consistent approaches
• Protect identity for citizen privacy
• Protect identity for trusted relationship
• Security against abuse, misuse and corruption of identity
• Privacy and Security shall become “a positive-Sum Paradigm”

Thank you for your patience!

Protected biometrics for identity trust
RISE - Awareness of Biometrics and Security Ethics
By Nicolas DELVAUX [email protected]
Hong-Kong, 5th of January 2010