In the realm of humanitarian aid, the use of biometric data has become a norm, a seemingly efficient and cost-effective way to match aid to beneficiaries. However, behind this seemingly practical approach lies a host of ethical challenges.
This blog post explores the complex issues surrounding the collection and use of biometric data in humanitarian contexts, focusing on why there is a strong need for proper data collection practices deployed during humanitarian interventions and why traditional biometrics solutions often fall short of protecting vulnerable people. Furthermore, it will shed light on real-life instances where the misuse of biometric data has resulted in dire consequences and advocates for a careful and ethical approach in the humanitarian sector.
Biometric Data Challenges in Humanitarian Contexts
There are currently few guardrails to protect the data rights of refugees and vulnerable people in need of humanitarian support. Moreover, many organizations that were established and funded to protect these communities collect their data without applying safeguards more typically required under international and, in some cases, national law.
One of the reasons this occurs is that humanitarian catastrophes, such as starvation, natural disasters, wars, or other violent conflicts, tend to happen in nations that have no meaningful data protection regulation. Furthermore, even in situations where data protection laws are in place, it's possible that they won't be able to be enforced in an emergency. Secondly, the millions of displaced people whose personal data is being collected may be refugees or asylum seekers, who are no longer in their country of origin and have little-to-no leverage over the actions of their host government or the organizations they depend on to access fundamental services. Lastly, the international organizations—often UN agencies—that gather the personal data of people receiving humanitarian support are rarely required to follow the legal requirements of the nations where they operate.
However, the humanitarian sector's rationale behind using biometric data is clear: it streamlines aid distribution, reduces the risk of fraud, and enhances accountability towards donors. Distributing aid based on biometrics, for instance, is perceived as more accurate and secure compared to traditional paper-based identity cards. However, these apparent advantages must be carefully weighed against the potential harm caused by the collection and misuse of such sensitive data.
Instances from the field highlight the genuine risks associated with biometric data collection. For example, the case of Rohingya refugees in Bangladesh reveals how data collected by humanitarian agencies shared with local governments, ended up in the hands of Myanmar authorities. This led to potential harm for individuals who had fled persecution, directly contradicting the principles of protection and safety that humanitarian aid should uphold.
In Afghanistan, systems built to aid identity verification and payroll processes fell into the hands of unintended actors, namely the Taliban, after their takeover in 2021. This scenario showcases the unforeseen harm that can arise when data meant for humanitarian purposes is accessed by entities with malicious intent.
The Role of Ethical Technological Solutions
The use of biometric data in humanitarian aid is undoubtedly a double-edged sword. While it offers efficiency and accountability, it poses significant risks to vulnerable populations. Striking a balance between these factors necessitates meticulous planning, informed consent, and a deep understanding of the potential harm that can arise. Humanitarian actors and their donors need to commit to the fundamental data protection principle of data minimization, i.e. collecting, using, and retaining the minimum amount of data necessary for the purposes of their assistance, and they should refuse to collect that data until they can abide by the tenets of data protection to the standard that all of us deserve.
In this ethical balancing act, Community Pass, a Mastercard International project, is a unique example that bridges the gap between efficiency and privacy by providing a secure identity framework for vulnerable populations using a carefully designed and implemented technology architecture that provides data privacy by design.
- Community Pass provides a functional digital ID and digital wallet that can empower access to government and humanitarian benefits and various services in sub–Saharan Africa and Asia Pacific.
- Community Pass uses Trust Stamp technology to convert end-user facial and palm biometric data into Irreversibly Transformed Identity Tokens (IT2), which are then used to perform authentication and deduplicate user registrations. The conversion of the biometric data into the IT2 takes place on a device; biometric images and templates are not stored or shared anywhere in the Community Pass system, and if a governmental agency or other third party were to gain access to the system data, there is no risk of inadvertently exposing the biometric data of the potentially vulnerable end-users.
Mastercard's goal of creating digital identities for 100 million people aligns seamlessly with Trust Stamp's mission of expanding societal and financial inclusion, emphasizing the importance of empowering individuals while safeguarding their privacy. This collaboration enables the creation of digital identities across multiple humanitarian and development sectors, ensuring safe access to essential services, healthcare, and education, and has the potential to improve the lives of tens (or perhaps hundreds) of millions of underserved users.
In a recent podcast, Tara Nathan, Mastercard executive vice president and founder of the Community Pass project, said that Mastercard’s work has, in the past four years, made significant contributions towards improving the lives and livelihoods of people who are digitally excluded and underserved. She went on to say that Community Pass currently serves 3.5 million people and is targeting 30 million people enrolled by 2027.
Nathan spoke specifically about Farm Pass, a Community Pass product that serves the subsistence farming community: “In the most marginalized communities, people are receiving aid from governments and NGOs. There are farmers that are selling produce without receiving payments. So, what Community Pass does is that it sets off digital rails that operate offline. It enables a farmer or a mother with a child that needs healthcare or a marginalized village dweller to use a digital identity to transact digitally in the local village where they live,” said Nathan.
The Privacy-preserving Power of the IT2
The privacy protections afforded by IT2 are essential to large-scale implementations of biometrics because it eliminates the value of the stored data outside of the enrolled network, which reduces the risk of biometric data being breached or misused. By prioritizing the safety and dignity of every individual, humanitarian organizations can navigate this challenging terrain by utilizing technologies like Trust Stamp’s IT2 to ensure that aid reaches those who need it without compromising their privacy and security while upholding the fundamental principles of humanity, neutrality, and impartiality.
In our collaboration with Mastercard, Trust Stamp has taken significant strides to ensure the highest standards of security and privacy in identity verification solutions, and Mastercard shares our vision for secure, private, and trustworthy digital experiences that enhance social and financial inclusion while safeguarding the security and privacy of the users.
Furthermore, our close collaboration with Danish institutions to meet the stringent D-seal criteria is a testament to our dedication to customer security and privacy. The D-seal, a symbol of trust and reliability in the digital sphere, encompasses stringent requirements for data security and ethical data usage. By voluntarily undergoing this comprehensive evaluation, Trust Stamp has demonstrated its unwavering commitment to responsible digital practices. Achieving the D-seal is not just a label; it is proof of our dedication to consumer trust. It signifies that Trust Stamp's solutions not only empower individuals by providing them with secure digital identities but also protect their privacy at every step. Trust Stamp's achievement of the D-seal stands as a testament to our relentless pursuit of excellence in the realm of identity verification, reassuring our clients and users that their data is handled with the utmost care and integrity.
Conclusion: Upholding Humanitarian Principles in the Digital Age
The ethical challenges posed by biometric data collection in the humanitarian space demand a holistic approach, combining privacy-protecting technological innovation with a deep respect for individual rights. By prioritizing ethical data practices and leveraging responsible technologies, the humanitarian sector can navigate this intricate terrain. Trust Stamp serves not merely as a technological solution but as a testament to the possibility of harmonizing efficiency with ethics.
In this pursuit, Trust Stamp, in collaboration with Mastercard, illuminates the path forward, ensuring that aid reaches those in need while upholding the core values of humanity, neutrality, and impartiality that define humanitarian work. Contact us to learn more!