Tools for Avoiding Scams and Strengthening Cybersecurity
Practical tips for avoiding scams and safeguarding personal information include “going to websites yourself instead of clicking on embedded links in emails, calling sources directly instead of using numbers provided in emails,” advises Doyle. “The government will not reach out and ask for personal information,” he points out.
Companies can also take proactive measures for safeguarding sensitive and confidential information and avoiding data breaches. Almost half of all data breaches are caused by phishing emails or other scams. Steps for mitigating data breaches include “identifying vulnerabilities; implementing a security awareness training program and policy; identifying key stakeholders; multifactored authentication; using virtual private networks; and implementing a software restriction policy,” according to Doyle.
Impact of Biometric Data on Health Crisis: Contactless vs. Contact-Only
“With the COVID-19 pandemic, biometric data has become an important factor in monitoring the spread of the virus and supporting reopening governments,” asserts Wen. Biometric data measures characteristics of a person’s body and is classified into two categories: physiological biometrics and behavioral biometrics. Physiological biometrics include retinal scans, fingerprints, and facial geometry. Behavioral biometrics include movement patterns, heartbeat, temperature, and sleep.
In the current health crisis, biometric data is recognized as a valuable tool for monitoring the spread of the virus. “As countries are racing to reopen their governments, they are looking to biometric data to develop modern data surveillance and analytics systems, for example temperature measurement and facial recognition,” observes Wen. “Smart thermometers paired with mobile devices could help prevent the spread of virus by predicting and detecting fever clusters,” notes Wen. Location and GPS data from smartphones can assist with contact tracing and help create heat maps of where the disease is spreading. “Contact-only sensing technologies that rely on a fingerprint and hand scans pose a great hygienic risk and severely limit infectious control protocols,” whereas “biometric data can provide contact-less identification,” she adds.
Biometric Data Privacy
While biometric data can be beneficial for daily life, it can also be misused for identity theft or other impermissible purposes. Increased use of medical devices during the current health crisis may result in increased cybersecurity risks. Entities that had not previously been collecting biometric data may not have policies in place for collecting, processing, and retaining biometric data. Establishing a data privacy policy would help avoid cybersecurity risks associated with the misuse of biometric data.
There is currently “no federal law yet [for protecting biometric data], but a bill [Ethical Use of Facial Recognition Act] has been introduced to limit use of facial recognition technology,” states Wen. The findings delineated in the proposed bill highlight the following issues regarding facial recognition technology:
- “Facial recognition has been shown to disproportionately impact communities of color, activists, immigrants, and other groups that are often already unjustly targeted.”
- “Facial recognition has a history of being inaccurate, particularly for women, young people, African Americans, and other ethnic groups.”
- “It is critical that facial recognition not be used to suppress First Amendment–related activities, violate privacy, or otherwise adversely impact individuals’ civil rights and civil liberties.”
Additionally, the National Institute of Standards and Technology, a federal agency within the Department of Commerce, released the results of a 2019 study on facial recognition technology, finding that the majority of facial recognition algorithms have demographic differences resulting in a potential negative impact on accuracy based on a person’s age, gender, or race. Entities collecting biometric data may be subject to substantial guesswork in trying to create and implement biometric data privacy policies to protect biometric data and to protect civil rights and civil liberties.