ESR 7: Privacy in nomadic cross-system mobile biometrics

What has been achieved and the impacts

Initial project work was an exploratory look at use-case scenarios for mobile biometrics for an internal AMBER report, before focus in on certain modalities and areas of risk.

Initial classification of threats from a technical perspective was performed and published internally as an OVGU technical report [1]. Further to that was assessment of entitlement to protection in the context of current regulation and human rights documentation, published as a EUSIPCO 2018 paper [2].

Based upon the derived risks, an example could be applied practically. In this first case, considering keystroke as a biometric modality in the context of search engines. This work was published in EURASIP Journal on Information Security [3]. Further, more broadly, discrimination in searching based on location and browser fingerprints has also been investigated, involving creating a prototype tool web scraper for detecting search result/pricing discrepancies and therefore potential discrimination.

Ongoing work, yet to be formally reported, is continuing in protection methods which build upon the findings and risks involving search engines, as a research goal. Additionally, the second modality of face has been considered in regards to another commonly exposed biometric modality with privacy concerns. Face morphing can be applied using established techniques as a potential de-identification method which does not majorly compromise data naturalness.