Biometric data collected by the technology industry poses multiple risk vectors for end users and imposes significant costs on technology companies.
Evin McMullen, co-founder of Privado ID, a decentralized identity project that uses zero-knowledge cryptography, recently spoke to Cointelegraph about how decentralized blockchain can mitigate these risks. I explained.
McMullen began by pointing out that biometric data is not just processed or stored through traditional Big Tech companies like Google, Apple, and Microsoft. Instead, data often passes through a complex supply chain of service providers who have a say in the validity of specific data, exposing user data to multiple third parties. Co-founder of Privado ID said:
“Data should be shared based on the information needed. This means that wherever possible, you can use your mobile phone to collect biometrics, and that data can be stored on the device itself, so it cannot be shared from the device or connected It will never be published on the Internet and will instead create a zero-knowledge proof. ”
Zero-knowledge proofs (methods of validating data without revealing the specific contents of the data) limit the exposure of this data, McMullen explained.
“Blockchain keys can be used as a way to control who has access to information about biometrics,” the entrepreneur told Cointelegraph.
Huge costs and cybersecurity risks
For technology companies, collecting biometric data comes with significant cybersecurity, regulatory compliance, and storage costs. “In fact, for many companies, it is in the best economic interest to avoid storing biometric data,” McMullen said.
Examples of this include individual requests to delete or remove biometric data from an information repository. These are notoriously difficult to search and modify, but must remain compliant with regulatory frameworks such as the European Union’s General Data Protection Regulation (GDPR).
Additionally, the centralized nature of data storage by traditional technology companies creates opportunities for malicious attackers to attack a company’s security infrastructure and steal sensitive user data. These centralized points of failure and the “monopoly assumptions” of traditional technology providers are ameliorated by the decentralization inherent in blockchain identity solutions, McMullen told Cointelegraph.
Potential human rights violations
The Privado ID co-founder also touched on the potential for centralized biometric databases to be used for human rights abuses, a concern that is often overlooked. Using a historical example, McMullen says:
“During World War II, intensive documentation of customer tracking, banking transactions, and voting records led to the systematic persecution of ethnic minorities in Europe.”
This point has previously been made by Nym CEO Harry Halpin, who defended the founder of Tornado Cash by using the historical context of World War II to explain why privacy is a human right. did.
