The rapid proliferation of biometric technologies raises numerous legal and ethical questions. On the one hand, the emergence of biometrics signifies a new stage in the evolution of technologies. Biometric technologies have the potential to enhance the quality and efficiency of business and personal interactions. On the other hand, the risks of abuse and misuse of biometric technologies should not be disregarded. The public have already accepted the use of biometric systems in security, including banking and governments. Fingerprint scanners, iris scanners, and facial recognition systems have become commonplace. However, the use of DNA as a biometric identifier for governments and businesses is still not accepted by the public, simply because it can be used in police investigations or help to detect genetically-inherited diseases in life and health insurance. This paper evaluates this statement in relation to the insurance and privacy. Based on everything written in this paper, biometric technologies have more benefits than drawbacks, but only public education can guarantee acceptance and recognition of biometric technologies in various fields of performance.
Insurance and biometrics: A questionable link?
The 21st century has opened a new era of biometric technologies in many spheres of life. Biometric technologies are becoming a popular and cost-effective instrument of security protection. Biometric systems allow storing enormous bodies of personal data and related information (Faundez-Zanuy 2005). Biometric identifiers are used to describe and interpret individuals’ medical history, religious and sexual preferences, consumption habits and their potential impacts on life and employment (Faundez-Zanuy 2005). Biometric identifiers generate and store the information, which allows identifying a person, his/her name or appearance (Faundez-Zanuy 2005).
The purpose of all biometric systems is to characterise all individuals as different from one another. These differences are applied in a number of fields, from personal identification in workplace environments (for example, accessing sensitive systems and data) to the identification of consumption habits and health behaviours/ patterns. Most biometric systems currently in use are based on the same information collected from human beings (Faundez-Zanuy 2005). Through speech recognition, iris recognition, fingerprints, or photos, these systems identify individuals without acquiring any deeper knowledge of their personal characteristics (Faundez-Zanuy 2005). All these systems can potentially enhance the quality and effectiveness of the existing security systems, but not until DNA biometrics comes into play.
The most controversial is the use of DNA-based biometric systems. Faundez-Zanuy (2005) writes that DNA matching technologies are not cheap but far from being perfect. The most problematic are the implications of DNA biometrics for health and life insurance companies, and it is no wonder that the public usually object to the use of DNA-based information in health and life insurance. The problem is in that “there is a portion of population for which it is possible to extract relevant information about health, […] for example, speech disorders, hair, or skin color problems, etc.” (Faundez-Zanuy 2005, p. 14). A number of studies suggest that DNA-based systems can provide detailed medical information about human beings, including the presence or absence of chromosomal disorders (Faundez-Zanuy 2005). Some studies suggest that there is a link between DNA-based biometric data and homosexuality (Faundez-Zanuy 2005). Even although none of these hypotheses have ever been proved empirically, the public have a fear of losing their privacy and facing discrimination, based on the results of DNA identification.
Needless to say, the risks of abuse and misuse of DNA-based biometrics in health and life insurance remain increasingly high. An interesting example is described by Jaquet-Chiffelle, Benoist, Haenni, Wenger, and Zwingelberg (2009) – a workplace-based computer system identifies users by the typing pattern. If workers’ typing patterns change, they have to spend additional time typing specimen texts (Jaquet-Chiffelle et al. 2009). The most concerning is the fact that, through the typing pattern, the system also identifies the signs of the emerging Parkinson’s disease in workers (Jaquet-Chiffelle et al. 2009). Employees working in the organisations do not know whether the system informs the employer about their health state (Jaquet-Chiffelle et al. 2009). Consequently, any employee may face the risks of termination, due to the emerging disease. Even more worrisome is the fact that, in reality, biometric systems have little relation to health or life insurance. However, there is no guarantee that insurance companies will not want to use this information to increase their premiums. The fact that very few genotype-phenotype relationships are understood by researchers is persistently ignored (Roden et al. 2008). Therefore, individuals looking to insure themselves from various life and health difficulties may face the threat of data misuse and biometrics abuse for the sake of greater insurance profits.
Yet, the situation is not as tragic as it seems, and even challenging DNA-based biometric systems do have the potential to protect individual security and even contribute to the development of personalised medicine (Roden et al. 2008). With biometric security, insurance agents can protect sensitive data from the risks of unauthorised access and intrusions, while health care professionals will get instant access to patients’ data (Mogli 2011). The use of biometric systems is much more effective and reliable than traditional insurance databases. The risks of intrusions are minimal. Simultaneously, in the absence of solid empirical findings, the use of DNA-based systems in insurance should be limited. With the rapid development of biometric technologies, insurance companies and agents providing health and life insurance may soon be able to use the raw biometric data for medical and insurance purposes (Liu 2008). Even today, by examining a person’s retina, medical experts can determine the range of diseases affecting this person, such as hypertension and arteriosclerosis (Liu 2008). This is why, to secure individuals from the risks of privacy intrusions and to ensure that the insurance industry does not use DNA-based biometrics to discriminate against clients, the insurance industry must take steps to (a) educate the public about the benefits of biometrics and (b) issue policies that protect their clients from the risks of data misuse.
Biometrics and privacy
The balance of biometrics and privacy is extremely difficult to achieve. Actually, privacy remains one of the ethical and legal cornerstones in the development of biometric systems. The main problem is that biometric data are extremely personal; they are sensitive and, unlike a PIN or password, cannot be reset once they are inappropriately released (Woo 2010). Biometric data touch the most sensitive sides of individuals’ lives, including their ethnic origin and health problems (Woo 2010). This is why they can create a perfect basis for discrimination and abuse (Woo 2010). Added to this is the fact that biometric technologies can be used to identify individuals without their consent (Woo 2010). In biometric technologies, a sample of individual characteristics is compared to a series of other samples, with the goal of identifying that individual. This is why any instance of biometric technologies use can be considered as the intrusion on privacy (Woo 2010).
The public objects to the use of biometric data, because biometric technologies pose greater privacy threats than earlier identification technologies (Vakalis 2011). Vakalis (2011) discusses an interesting example of e-passports and their implications for privacy and legal development in the European Union (EU). Vakalis (2011) writes that e-passports are used everywhere, including duty free shops and hotels, and any employee can copy the digital information and use it for his/her not always legal purposes. Automatic identification poses another problem: even a low-quality digital passport will pass border controls, especially when there is a facial image resemblance (Vakalis 2011). Finally, not all biometric systems possess sufficient formal security formulations and proofs (Ignatenko & Willems 2009). Systems that display enhanced security often sacrifice privacy, and vice versa (Ignatenko & Willems 2009). In this situation, it comes as no surprise that so many people object to the use of biometric systems and do not feel confident about their privacy.
Yet, again, the situation with privacy in biometric systems is not as tragic as it may seem. Contrary to public beliefs, biometric systems provide more effective privacy protection than traditional databases. “Biometrics is a friend of privacy whether used in the private or public sectors. Biometrics proves itself as privacy’s friend when it is deployed as a security safeguard to prevent fraud” (Jain, Bolle & Pankanti 1999, p. 400). Looking at the financial and banking sectors in Europe, it is clear that biometrics has greater potentials to prevent financial frauds and crimes than traditional data systems. Today’s criminals take advantages of the weaknesses of PIN- and password-based systems (Jain, Bolle & Pankanti 1999). PINs and passwords are commonly used to surreptitiously access individuals’ accounts through ATMs (Jain, Bolle & Pankanti 1999). Honest citizens can no longer trust PINs and passwords, and they lack resources to control their financial resources and data. With the presence of biometric systems, stealing financial resources and data becomes much more difficult. In the atmosphere of globalisation and openness, biometrics can become an extremely effective tool of preserving individuals’ financial integrity (Jain, Bolle & Pankanti 1999).
The public should understand that, even with all its drawbacks and weaknesses, biometrics is the best way to make access to confidential information limited. Biometrics limits access of unauthorised personnel to sensitive data (Jain, Bolle & Pankani 1999). Additionally, biometric access to confidential data allows monitoring and tracking everyone who accessed or tried to access personal information (Jain, Bolle & Pankani 1999). Very often, biometric systems do not disrupt but, on the contrary, enhance privacy protection. For example, some digital systems transform biometric data into a digital encryption code without storing any individual characteristics of users (Jain, Bolle & Pankani 1999). These digital codes can be used to develop anonymous encryption systems (Jain, Bolle & Pankani 1999). Certainly, most biometric systems are still in the state of infancy, and their limitations and possible drawbacks need to be considered. Simultaneously, through education, the benefits of biometric systems and their privacy potentials can be communicated to the public. This is how life and health insurance agents and security/police professionals can become more advanced in their approaches to identity protection and privacy. This is how individuals will be able to benefit from biometric systems through a greater integrity of their personal and financial information.
The use of biometric systems in life and health insurance raises numerous issues. Privacy is one of the cornerstones to effective use of biometric technologies in all spheres of life. However, based on everything written in this paper, biometric technologies have more benefits than drawbacks, and only public education can guarantee acceptance and recognition of biometric technologies in various fields of performance. In other words, biometric systems are not enemies; they are friends of privacy, whenever used in public and private sectors (Jain, Bolle & Pankani 1999). Certainly, the risks and limitations of biometric systems cannot be disregarded. In any case, most biometric applications are still in the state of infancy. However, the potential benefits of biometric databases overcome their weaknesses, and, through public education, citizens will finally learn the value of biometric privacy protection. This will become the first step to the development of effective and safe biometric solutions in business and private fields.