Cyber Security and Emerging Threats Global Horizons Sukhpal Kaur Sangha

Is Biometrics the Future To Protecting Citizens?

A few months ago, the Canadian federal government announced plans to increase the use of biometrics in the screening of those who apply to enter Canada. This provision included in Bill C-59, according to Prime Minister Stephen Harper, is to prevent terrorists from entering Canada. The collected data is shared to help verify the identities of individuals and to protect Canada’s border.

The potential increase in the use of biometrics brings into question privacy and security concerns.

Canada first began implementing biometrics in 2013 as part of the Canadian government’s Economic Action Plan. According to the Department of Citizenship and Immigration Canada, the use of biometrics has already prevented known criminals from entering Canada. Canada currently collects biometrics from 29 countries and 1 territory.


Screen Shot 2015-09-11 at 11.13.21 AM

 The most widely used biometrics is fingerprinting and DNA.


Is Canada Alone in Increasing the Use of Biometrics?

Canada is not the only country that is starting to invest more in the use of biometrics as the new way to improve national security. The United States began collecting biometrics from foreign nationals in 2004, Japan in 2007, the United Kingdom in 2008, and Australia in 2010.

As more countries move towards the use of biometrics for immigration and security purposes, they are also are moving towards the sharing of such data. Canada signed agreements to do so with the United States, the United Kingdom, Australia and New Zealand under the High Value Data Sharing Protocol in 2009.

Should Citizens of Countries be Concerned?

The emerging use of biometrics gives rise to questions such as: How much of the biometric data should be shared between countries and law enforcement? How protected is the data? Should the collection of biometrics be justified simply in the name of preventing identity fraud and terrorists from entering their country?

Currently, Canadian citizens also give biometric data through the new Canadian ePassports, as it now uses the passport photos of citizens with facial recognition technology.

However, are Canadians or citizens of any country that uses biometrics giving up their values and rights? By handing the government of a country such information and then not knowing who else will have access to it, it undermines the essential idea of the privacy principle of an individual. Are governments’ justification for such information enough, or should citizens of such countries instead, be demanding their government to show further proof beyond the fears of terrorists or identity fraud.

India’s national ID program, called Aadhaar, is the largest known biometric database in the world. An individual’s fingerprints, iris scan and photo are collected and stored in a database in order for the individual to obtain an official form of Indian identification under this program. This program is not without privacy and security critics.


Screen Shot 2015-09-11 at 11.13.45 AM

           Sample of the Indian ID card issued under Aadhaar.


Biometrics beyond its use by countries: companies and cybercriminals

As countries move towards the further use of biometrics, more companies are also contemplating using biometrics. Some examples include applying biometrics as an added security feature for employee access to restricted areas and company networks. Biometrics can also be applied to consumer products, like voice recognition software to unlock personal electronic devices.

Recently with the launch of Windows 10, Microsoft has incorporated biometrics in Windows Hello (version of Windows). The biometrics required for Windows Hello is iris, facial or fingerprint. By using any three of these types of biometrics, the user no longer requires the use of an actual password.


Screen Shot 2015-09-11 at 11.14.10 AM

The latest software produced by Microsoft, increased the use of biometrics.


The rise of cybercrimes brings into question how well biometric data is protected by those collecting, storing, sharing or using it. Once a cybercriminal gains access to a person’s biometrics, it cannot be changed easily like a password. That victimized individual’s biometrics have now been compromised, which can lead to issues such as identity fraud.

Overall, people can never really know who their biometrics are being shared with and when. Closer monitoring is certainly required for such technology in its development and uses in the name of protection.

Screen Shot 2015-09-11 at 11.14.23 AM

Ultimately, citizens must take action when it comes to biometrics in regards to security versus privacy.

Sukhpal Kaur Sangha
Sukhpal is a recent graduate from the University of Toronto. Graduating with distinction, her Honours Bachelor of Arts degree focused on a double major in History and Political Science with a minor in Anthropology. She has spent much of her time devoted to volunteering in the community and the world around her. Her various passions resulted in her receiving the University of Toronto Gordon Cressy Student Leadership Award. She currently volunteers on a Young Leaders Council in her community. Her passions include global history, Latin America, security, intelligence, international issues and development. She welcomes any questions or comments. Email: