Editing Biometrics (section)

==Issues and concerns==
===Human dignity===
Biometrics have been considered also instrumental to the development of state authority<ref>Breckenridge K. (2005). "[https://wiser.wits.ac.za/sites/default/files/Breckenridge%20-%202005%20-%20The%20Biometric%20State%20The%20promise%20and%20peril%20of%20digi.pdf The Biometric State: The Promise and Peril of Digital Government in the New South Africa]". ''Journal of Southern African Studies'', 31:2, 267–82</ref> (to put it in Foucauldian terms, of [[discipline]] and [[biopower]]<ref>Epstein C. (2007), "[https://academic.oup.com/ips/article-abstract/1/2/149/1799677 Guilty Bodies, Productive Bodies, Destructive Bodies: Crossing the Biometric Borders]". ''International Political Sociology'', 1:2, 149–64</ref>). By turning the human subject into a collection of biometric parameters, biometrics would dehumanize the person,<ref>Pugliese J. (2010), ''Biometrics: Bodies, Technologies, Biopolitics.'' New York: Routledge</ref> infringe bodily integrity, and, ultimately, offend human dignity.<ref>French National Consultative Ethics Committee for Health and Life Sciences (2007), Opinion N° 98, [http://www.ccne-ethique.fr/en/publications/biometrics-identifying-data-and-human-rights#.VenJ87TDU5E "Biometrics, identifying data and human rights"] {{webarchive|url=https://web.archive.org/web/20150923201410/http://www.ccne-ethique.fr/en/publications/biometrics-identifying-data-and-human-rights |date=23 September 2015 }}</ref>

In a well-known case,<ref>Agamben, G. (2008). "No to bio-political tattooing". ''Communication and Critical/Cultural Studies'', 5(2), 201–202. Reproduced from Le Monde (10 January 2004).</ref> Italian philosopher [[Giorgio Agamben]] refused to enter the United States in protest at the United States Visitor and Immigrant Status Indicator (US-VISIT) program's requirement for visitors to be fingerprinted and photographed. Agamben argued that gathering of biometric data is a form of bio-political tattooing, akin to the tattooing of Jews during the Holocaust. According to Agamben, biometrics turn the human persona into a bare body. Agamben refers to the two words used by Ancient Greeks for indicating "life", ''zoe'', which is the life common to animals and humans, just life; and ''bios'', which is life in the human context, with meanings and purposes. Agamben envisages the reduction to bare bodies for the whole humanity.<ref>Agamben G.(1998), ''Homo Sacer: Sovereign Power and Bare Life''. Trans. Daniel Heller-Roazen. Stanford: Stanford University Press</ref> For him, a new bio-political relationship between citizens and the state is turning citizens into pure biological life (''zoe'') depriving them from their humanity (''bios''); and biometrics would herald this new world.

In [https://www.dukeupress.edu/dark-matters Dark Matters: On the Surveillance of Blackness], [[surveillance]] scholar [[Simone Browne (sociologist)|Simone Browne]] formulates a similar critique as Agamben, citing a recent study<ref name="Gao 169–178">{{Cite book|chapter-url=https://www.researchgate.net/publication/221383488|chapter=Face Gender Classification on Consumer Images in a Multiethnic Environment|last1=Gao|first1=Wei|last2=Ai|first2=Haizhou|pages=169–178|doi=10.1007/978-3-642-01793-3_18|url-status=live|archive-url=https://web.archive.org/web/20161009123149/https://www.researchgate.net/publication/221383488_Face_Gender_Classification_on_Consumer_Images_in_a_Multiethnic_Environment|archive-date=9 October 2016|title=Advances in Biometrics|volume=5558|series=Lecture Notes in Computer Science|year=2009|isbn=978-3-642-01792-6|s2cid=17596655 }}</ref> relating to biometrics [[Research and development|R&D]] that found that the gender classification system being researched "is inclined to classify Africans as males and [[Mongoloid]]s as females."<ref name="Gao 169–178"/> Consequently, Browne argues that the conception of an objective biometric technology is difficult if such systems are subjectively designed, and are vulnerable to cause errors as described in the study above. The stark expansion of biometric technologies in both the public and private sector magnifies this concern. The increasing [[commodification]] of biometrics by the private sector adds to this danger of loss of human value. Indeed, corporations value the biometric characteristics more than the individuals value them.<ref>{{Cite journal|url = https://litigation-essentials.lexisnexis.com/webcd/app?action=DocumentDisplay&crawlid=1&doctype=cite&docid=25+Fordham+Intell.+Prop.+Media+%26+Ent.+L.J.+831&srctype=smi&srcid=3B15&key=a4b55d68b2513a0c985a62bb9064501d|title = Biometric Boom: How the private sector Commodifies Human characteristics|last = Walker|first = Elizabeth|date = 2015|journal = Fordham Intellectual Property, Media & Entertainment Law Journal|url-status = dead|archive-url = https://web.archive.org/web/20170120172630/https://litigation-essentials.lexisnexis.com/webcd/app?action=DocumentDisplay|archive-date = 20 January 2017|access-date = 1 May 2017}}</ref> Browne goes on to suggest that modern society should incorporate a "biometric consciousness" that "entails informed public debate around these technologies and their application, and accountability by the state and the private sector, where the ownership of and access to one's own body data and other intellectual property that is generated from one's body data must be understood as a right."<ref>{{Cite book|title=Dark Matters: On the Surveillance of Blackness|last=Browne|first=Simone|publisher=Duke University Press|year=2015|pages=116}}</ref>

Other scholars<ref>Mordini, E; Massari, S. (2008), "Body, Biometrics and Identity" ''Bioethics'', 22, 9:488</ref> have emphasized, however, that the globalized world is confronted with a huge mass of people with weak or absent civil identities. Most developing countries have weak and unreliable documents and the poorer people in these countries do not have even those unreliable documents.<ref>UNICEF, [http://www.unicef.org/protection/57929_58010.html Birth Registration] {{webarchive|url=https://web.archive.org/web/20150906150500/http://www.unicef.org/protection/57929_58010.html |date=6 September 2015 }}</ref> Without certified personal identities, there is no certainty of right, no civil liberty.<ref>Dahan M., Gelb A. (2015) [http://documents.worldbank.org/curated/en/2015/07/24849193/role-identification-post-2015-development-agenda "The Role of Identification in the Post-2015 Development Agenda"] {{webarchive|url=https://web.archive.org/web/20150920050041/http://documents.worldbank.org/curated/en/2015/07/24849193/role-identification-post-2015-development-agenda |date=20 September 2015 }} – World Bank Working Paper No. 98294 08/2015;</ref> One can claim his rights, including the right to refuse to be identified, only if he is an identifiable subject, if he has a public identity. In such a sense, biometrics could play a pivotal role in supporting and promoting respect for human dignity and fundamental rights.<ref>Mordini E, Rebera A (2011) "No Identification Without Representation: Constraints on the Use of Biometric Identification Systems". ''Review of Policy Research'', 29, 1: 5–20</ref>

===Privacy and discrimination===
{{further|privacy|right to privacy|medical privacy}}
It is possible that data obtained during biometric enrollment may be used in ways for which the enrolled individual has not consented. For example, most biometric features could disclose physiological and/or pathological medical conditions (e.g., some fingerprint patterns are related to chromosomal diseases, iris patterns could reveal sex, hand vein patterns could reveal vascular diseases, most behavioral biometrics could reveal neurological diseases, etc.).<ref>Mordini E, Ashton H,(2012), "The Transparent Body – Medical Information, Physical Privacy and Respect for Body Integrity", in Mordini E, Tzovaras D (eds), ''Second Generation Biometrics: the Ethical and Social Context''. Springer-Verlag: Berlin</ref> Moreover, second generation biometrics, notably behavioral and electro-physiologic biometrics (e.g., based on [[electrocardiography]], [[electroencephalography]], [[electromyography]]), could be also used for [[emotion detection]].<ref>Mordini E, Tzovaras D,(2012), ''Second Generation Biometrics: the Ethical and Social Context''. Springer-Verlag: Berlin</ref>

There are three categories of privacy concerns:<ref>{{cite book
 | title=Security in Computing
 | last1=Pfleeger
 | first1=Charles
 | last2=Pfleeger
 | first2=Shari
 | publisher=Pearson Education
 | year=2007
 | location=Boston
 | page=220
 | edition=4th
 | isbn=978-0-13-239077-4
}}</ref>
# Unintended functional scope: The authentication goes further than authentication, such as finding a tumor.
# Unintended application scope: The authentication process correctly identifies the subject when the subject did not wish to be identified.
# Covert identification: The subject is identified without seeking identification or authentication, i.e. a subject's face is identified in a crowd.

===Danger to owners of secured items===
When thieves cannot get access to secure properties, there is a chance that the thieves will stalk and assault the property owner to gain access. If the item is secured with a [[biometric device]], the damage to the owner could be irreversible, and potentially cost more than the secured property. For example, in 2005, Malaysian car thieves cut off a man's finger when attempting to steal his [[Mercedes-Benz S-Class]].<ref>{{cite news|url=http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm|title=Malaysia car thieves steal finger|last=Kent|first=Jonathan|date=31 March 2005|work=[[BBC Online]]|access-date=11 December 2010|location=Kuala Lumpur|url-status=live|archive-url=https://web.archive.org/web/20101120203534/http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm|archive-date=20 November 2010}}<br /></ref>

===Attacks at presentation===
In the context of biometric systems, presentation attacks may also be called "[[spoofing attack]]s".

As per the recent ISO/IEC 30107 standard,<ref>{{Cite web|url=http://www.iso.org/cms/render/live/en/sites/isoorg/contents/data/standard/05/32/53227.html|title=ISO/IEC 30107-1:2016|website=iso.org|language=en|access-date=2019-04-23}}</ref> presentation attacks are defined as "presentation to the biometric capture subsystem with the goal of interfering with the operation of the biometric system". These attacks can be either impersonation or [[obfuscation]] attacks. Impersonation attacks try to gain access by pretending to be someone else. Obfuscation attacks may, for example, try to evade [[face detection]] and [[Facial recognition system|face recognition]] systems.

Several methods have been proposed to counteract presentation attacks.<ref>{{Cite journal|date=2014|editor-last=Marcel|editor-first=Sébastien|editor2-last=Nixon|editor2-first=Mark S.|editor3-last=Li|editor3-first=Stan Z.|title=Handbook of Biometric Anti-Spoofing|journal=Advances in Computer Vision and Pattern Recognition|doi=10.1007/978-1-4471-6524-8|issn=2191-6586|isbn=978-1-4471-6523-1|s2cid=27594864}}</ref>

===Surveillance humanitarianism in times of crisis===
Biometrics are employed by many aid programs in times of crisis in order to prevent fraud and ensure that resources are properly available to those in need. Humanitarian efforts are motivated by promoting the welfare of individuals in need, however the use of biometrics as a form of surveillance humanitarianism can create conflict due to varying interests of the groups involved in the particular situation. Disputes over the use of biometrics between aid programs and party officials stalls the distribution of resources to people that need help the most. In July 2019, the United Nations World Food Program and Houthi Rebels were involved in a large dispute over the use of biometrics to ensure resources are provided to the hundreds of thousands of civilians in Yemen whose lives are threatened. The refusal to cooperate with the interests of the United Nations World Food Program resulted in the suspension of food aid to the Yemen population. The use of biometrics may provide aid programs with valuable information, however its potential solutions may not be best suited for chaotic times of crisis. Conflicts that are caused by deep-rooted political problems, in which the implementation of biometrics may not provide a long-term solution.<ref>{{Cite news|url=https://www.nytimes.com/2019/07/11/opinion/data-humanitarian-aid.html|title=Opinion &#124; Stop Surveillance Humanitarianism|newspaper=The New York Times|date=12 July 2019|last1=Latonero|first1=Mark}}</ref>

===Cancelable biometrics===
One advantage of passwords over biometrics is that they can be re-issued. If a token or a password is lost or stolen, it can be cancelled and replaced by a newer version. This is not naturally available in biometrics. If someone's face is compromised from a database, they cannot cancel or reissue it. If the electronic biometric identifier is stolen, it is nearly impossible to change a biometric feature. This renders the person's biometric feature questionable for future use in authentication, such as the case with the hacking of security-clearance-related background information from the Office of Personnel Management (OPM) in the United States.

Cancelable biometrics is a way in which to incorporate protection and the replacement features into biometrics to create a more secure system. It was first proposed by Ratha ''et al.''<ref>N. K. Ratha, J. H. Connell, and R. M. Bolle, "[https://www.researchgate.net/profile/Jonathan_Connell/publication/220353130_Enhancing_Security_and_Privacy_in_Biometrics-Based_Authentication_Systems/links/555a010508ae6fd2d8281b10/Enhancing-Security-and-Privacy-in-Biometrics-Based-Authentication-Systems.pdf Enhancing security and privacy in biometrics-based authentication systems]", ''IBM Systems Journal'', vol. 40, pp. 614–634, 2001.</ref>

"Cancelable biometrics refers to the intentional and systematically repeatable distortion of biometric features in order to protect sensitive user-specific data. If a cancelable feature is compromised, the distortion characteristics are changed, and the same biometrics is mapped to a new template, which is used subsequently. Cancelable biometrics is one of the major categories for biometric template protection purpose besides biometric cryptosystem."<ref>{{Cite journal|title = Cancelable biometrics – Scholarpedia|journal = Scholarpedia|volume = 5|pages = 9201|doi = 10.4249/scholarpedia.9201|year = 2010|last1 = Hui|first1 = Lim|last2 = Jin|first2 = Andrew|doi-access = free}}</ref> In biometric cryptosystem, "the error-correcting coding techniques are employed to handle intraclass variations."<ref>{{Cite journal|last1=Feng|first1=Y. C.|last2=Yuen|first2=P. C.|last3=Jain|first3=A. K.|date=2010-03-01|title=A Hybrid Approach for Generating Secure and Discriminating Face Template|journal=IEEE Transactions on Information Forensics and Security|volume=5|issue=1|pages=103–117|doi=10.1109/TIFS.2009.2038760|issn=1556-6013|citeseerx=10.1.1.389.5322|s2cid=18156337}}</ref> This ensures a high level of security but has limitations such as specific input format of only small intraclass variations.

Several methods for generating new exclusive biometrics have been proposed. The first fingerprint-based cancelable biometric system was designed and developed by Tulyakov ''et al.''<ref>S. Tulyakov, F. Farooq, and V. Govindaraju, "[https://www.acsu.buffalo.edu/~tulyakov/papers/tulyakov_ICAPR05_fingerprint_hash.pdf Symmetric Hash Functions for Fingerprint Minutiae]", ''Proc. Int'l Workshop Pattern Recognition for Crime Prevention, Security, and Surveillance'', pp. 30–38, 2005</ref> Essentially, cancelable biometrics perform a distortion of the biometric image or features before matching. The variability in the distortion parameters provides the cancelable nature of the scheme. Some of the proposed techniques operate using their own recognition engines, such as Teoh ''et al.''<ref>A. B. J. Teoh, A. Goh, and D. C. L. Ngo, "Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs", ''IEEE Transactions on Pattern Analysis and Machine Intelligence'', vol. 28, pp. 1892–1901, 2006.</ref> and Savvides ''et al.'',<ref>M. Savvides, B. V. K. V. Kumar, and P. K. Khosla, "'Corefaces' – Robust Shift-Invariant PCA based Correlation Filter for Illumination Tolerant Face Recognition", presented at IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR'04), 2004.</ref> whereas other methods, such as Dabbah ''et al.'',<ref>M. A. Dabbah, W. L. Woo, and S. S. Dlay, "Secure Authentication for Face Recognition", presented at Computational Intelligence in Image and Signal Processing, 2007. CIISP 2007. IEEE Symposium on, 2007.</ref> take the advantage of the advancement of the well-established biometric research for their recognition front-end to conduct recognition. Although this increases the restrictions on the protection system, it makes the cancellable templates more accessible for available biometric technologies

===Proposed soft biometrics===
[[Soft biometrics]] are understood as '''not strict biometrical''' recognition practices that are proposed in favour of identity cheaters and stealers.

Traits are physical, behavioral or adhered human characteristics that have been derived from the way human beings normally distinguish their peers (e.g. height, gender, hair color). They are used to complement the identity information provided by the primary biometric identifiers. Although soft biometric characteristics lack the distinctiveness and permanence to recognize an individual uniquely and reliably, and can be easily faked, they provide some evidence about the users identity that could be beneficial. In other words, despite the fact they are unable to individualize a subject, they are effective in distinguishing between people. Combinations of personal attributes like gender, race, eye color, height and other visible identification marks can be used to improve the performance of traditional biometric systems.<ref>Ratha, N. K., J. H. Connell, and R. M. Bolle. (2001). "Enhancing security and privacy in biometrics based authentication systems". ''IBM Systems Journal'' 40(3): 614–634.</ref> Most soft biometrics can be easily collected and are actually collected during enrollment. Two main ethical issues are raised by soft biometrics.<ref>Mordini E, Ashton H (2012), "The Transparent Body – Medical Information, Physical Privacy and Respect for Body Integrity'". In Mordini E, Tzovaras D (eds), [https://www.springer.com/us/book/9789400738911 ''Second Generation Biometrics: the Ethical and Social Context''. Berlin: Springer-Verlag] {{webarchive|url=https://web.archive.org/web/20180216025115/https://www.springer.com/us/book/9789400738911 |date=16 February 2018 }}, 2057–83</ref> First, some of soft biometric traits are strongly cultural based; e.g., skin colors for determining ethnicity risk to support racist approaches, biometric sex recognition at the best recognizes gender from tertiary sexual characters, being unable to determine genetic and chromosomal sexes; soft biometrics for aging recognition are often deeply influenced by ageist stereotypes, etc. Second, soft biometrics have strong potential for categorizing and profiling people, so risking of supporting processes of stigmatization and exclusion.<ref>Mordini E (2013) ''Biometrics''. In Henk A. M. J. ten Have, Bert Gordijn (eds) ''Handbook of Global Bioethics'' Berlin: Springer, 341–356</ref>

===Data protection of biometric data in international law===
Many countries, including the United States, are planning to share biometric data with other nations.

In testimony before the US House Appropriations Committee, Subcommittee on Homeland Security on "biometric identification" in 2009, [[Kathleen Kraninger]] and Robert A Mocny<ref name="DHS-Testimony">{{Cite journal
 |title       = Testimony of Deputy Assistant Secretary for Policy Kathleen Kraninger, Screening Coordination, and Director Robert A. Mocny, US-VISIT, National Protection and Programs Directorate, before the House Appropriations Committee, Subcommittee on Homeland Security, 'Biometric Identification'
 |publisher   = US Department of Homeland Security
 |date        = March 2009
 |url         = https://www.dhs.gov/ynews/testimony/testimony_1237563811984.shtm
 |access-date  = 20 February 2010
 |url-status     = live
 |archive-url  = https://web.archive.org/web/20100218104515/http://www.dhs.gov/ynews/testimony/testimony_1237563811984.shtm
 |archive-date = 18 February 2010}}</ref> commented on international cooperation and collaboration with respect to biometric data, as follows:
{{cquote|''To ensure we can shut down terrorist networks before they ever get to the United States, we must also take the lead in driving international biometric standards. By developing compatible systems, we will be able to securely share terrorist information internationally to bolster our defenses. Just as we are improving the way we collaborate within the U.S. Government to identify and weed out terrorists and other dangerous people, we have the same obligation to work with our partners abroad to prevent terrorists from making any move undetected. Biometrics provide a new way to bring terrorists' true identities to light, stripping them of their greatest advantage—remaining unknown.''}}

According to an article written in 2009 by S. Magnuson in the National Defense Magazine entitled "Defense Department Under Pressure to Share Biometric Data" the United States has bilateral agreements with other nations aimed at sharing biometric data.<ref name="DefensePressureShare">{{Cite journal
 |last1       = Magnuson
 |first1      = S
 |title       = Defense department under pressure to share biometric data.
 |website     = NationalDefenseMagazine.org
 |date        = January 2009
 |url         = http://www.nationaldefensemagazine.org/ARCHIVE/2009/JANUARY/Pages/DefenseDepartmentUnderPressuretoShareBiometricData.aspx
 |access-date  = 20 February 2010
 |url-status     = dead
 |archive-url  = https://web.archive.org/web/20100312215019/http://www.nationaldefensemagazine.org/archive/2009/January/Pages/DefenseDepartmentUnderPressuretoShareBiometricData.aspx
 |archive-date = 12 March 2010}}</ref> To quote that article:
{{cquote|''Miller [a consultant to the Office of Homeland Defense and America's security affairs] said the United States has bilateral agreements to share biometric data with about 25 countries. Every time a foreign leader has visited Washington during the last few years, the State Department has made sure they sign such an agreement.''}}

===Likelihood of full governmental disclosure===
Certain members of the civilian community are worried about how biometric data is used but full disclosure may not be forthcoming. In particular, the Unclassified Report of the United States' Defense Science Board Task Force on Defense Biometrics states that it is wise to protect, and sometimes even to disguise, the true and total extent of national capabilities in areas related directly to the conduct of security-related activities.<ref name="OnDefenseBiometrics">{{Citation |mode=cs1
 |last        = Defense Science Board
 |title       = On Defense Biometrics
 |series      = Unclassified Report of the Defense Science Board Task Force
 |publisher   = Office of the Under Secretary of Defense For Acquisition, Technology, and Logistics
 |date        = March 2007
 |place       = Washington, D.C.
 |chapter-url         = http://www.acq.osd.mil/dsb/reports/ADA465930.pdf
 |access-date  = 20 February 2010
 |page        = 84
 |chapter     = Chapter 17 §Recommendation 45
 |archive-url  = https://web.archive.org/web/20110613155549/http://www.acq.osd.mil/dsb/reports/ADA465930.pdf
 |archive-date = 13 June 2011}}</ref> This also potentially applies to Biometrics. It goes on to say that this is a classic feature of intelligence and military operations. In short, the goal is to preserve the security of '[[Intelligence assessment|sources and methods]]'.

===Data security===
The frequent use of biometric authentication for security and the permanence of an individuals biometrics make the security of biometric data crucial. 
====Events where biometric data was compromised====
* [[Office of Personnel Management data breach]] in 2015
* Biostar 2 fingerprints leak in 2019<ref>{{Cite news |date=2019-08-14 |title=Biostar security software 'leaked a million fingerprints' |url=https://www.bbc.com/news/technology-49343774 |access-date=2025-02-15 |language=en-GB}}</ref>
* Taliban seizure of US biometric data in 2021<ref>{{Cite web |title=This is the real story of the Afghan biometric databases abandoned to the Taliban |url=https://www.technologyreview.com/2021/08/30/1033941/afghanistan-biometric-databases-us-military-40-data-points/ |access-date=2025-02-15 |website=MIT Technology Review |language=en}}</ref><ref>{{Cite web |date=2021-09-07 |title=U.S.-built databases, biometric data a potential tool of the Taliban |url=https://www.pbs.org/newshour/world/u-s-built-databases-biometric-data-a-potential-tool-of-the-taliban |access-date=2025-02-15 |website=PBS News |language=en-us}}</ref><ref>{{Cite web |last=Sirota |first=Ken Klippenstein, Sara |date=2021-08-17 |title=The Taliban Have Seized U.S. Military Biometrics Devices |url=https://theintercept.com/2021/08/17/afghanistan-taliban-military-biometrics/ |access-date=2025-02-15 |website=The Intercept |language=en-US}}</ref> 
* Afghan & Iraqi Fingerprints and Iris database<ref>{{Cite news |last=Hill |first=Kashmir |last2=Ismay |first2=John |last3=Schuetze |first3=Christopher F. |last4=Krolik |first4=Aaron |date=2022-12-27 |title=For Sale on eBay: A Military Database of Fingerprints and Iris Scans |url=https://www.nytimes.com/2022/12/27/technology/for-sale-on-ebay-a-military-database-of-fingerprints-and-iris-scans.html |access-date=2025-02-15 |work=The New York Times |language=en-US |issn=0362-4331}}</ref>
====Legislation and governmental Action====
Biometrics are considered personal information/data under multiple laws
* [[General Data Protection Regulation|GDPR]] in the [[European Union]] became law in 2018<ref>{{Cite web |date=2018-11-07 |title=What is GDPR, the EU’s new data protection law? |url=https://gdpr.eu/what-is-gdpr/ |access-date=2025-02-15 |website=GDPR.eu |language=en-US}}</ref>
* [[General Personal Data Protection Law|LGPD]] in [[Brazil]] became law in 2020<ref>{{Cite web |title=L13709 |url=https://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/l13709.htm |access-date=2025-02-15 |website=www.planalto.gov.br}}</ref>
* [[Protection of Personal Information Act, 2013|Protection of Personal Information Act]] in [[South Africa]] came into force in 2020<ref>{{Cite web |date=26 November 2013 |title=Protection of Personal Information Act, 2013 |url=https://www.gov.za/sites/default/files/gcis_document/201409/3706726-11act4of2013popi.pdf |archive-url=https://web.archive.org/web/20211206032139/https://www.gov.za/sites/default/files/gcis_document/201409/3706726-11act4of2013popi.pdf |archive-date=6 December 2021 |access-date=15 February 2025}}</ref>
* [[Personal Data Protection Act (Sri Lanka)|Personal Data Protection Act]] in [[Sri Lanka]] implementation started in 2023<ref>{{Cite web |title=Personal Data Protection Act |url=https://parliament.lk/uploads/acts/gbills/english/6242.pdf |archive-url=https://web.archive.org/web/20250102035842/https://parliament.lk/uploads/acts/gbills/english/6242.pdf |archive-date=2 January 2025 |access-date=15 February 2025}}</ref>
=====United States=====
The United States does not have a nationwide data privacy law that includes biometrics. Several states and local governments, led by the Illinois [[Biometric Information Privacy Act]], have legislation regarding biometric data.<ref>{{Cite web |date=2022-07-20 |title=The basics, usage, and privacy concerns of biometric data |url=https://legal.thomsonreuters.com/en/insights/articles/the-basics-usage-and-privacy-concerns-of-biometric-data |access-date=2025-02-15 |website=legal.thomsonreuters.com |language=en-US}}</ref> The [[Federal Trade Commission|FTC]] has also taken actions to protect biometric data including against [[Facebook]] in 2019, charging they misrepresented their uses of facial recognition technology.<ref>{{Cite web |date=2023-05-18 |title=FTC Warns About Misuses of Biometric Information and Harm to Consumers |url=https://www.ftc.gov/news-events/news/press-releases/2023/05/ftc-warns-about-misuses-biometric-information-harm-consumers |access-date=2025-02-15 |website=Federal Trade Commission |language=en}}</ref><ref>{{Cite web |date=2019-07-24 |title=FTC Imposes $5 Billion Penalty and Sweeping New Privacy Restrictions on Facebook |url=https://www.ftc.gov/news-events/news/press-releases/2019/07/ftc-imposes-5-billion-penalty-sweeping-new-privacy-restrictions-facebook |access-date=2025-02-15 |website=Federal Trade Commission |language=en}}</ref>