Abstract
Biometric technology was once the purview of security, with face recognition and fingerprint scans used for identification and law enforcement. This is no longer the case; biometrics is increasingly used for commercial and civil applications. Due to the widespread diffusion of biometrics, it is important to address the ethical issues inherent to the development and deployment of the technology. This article explores the burgeoning research on biometrics for non-security purposes and the ethical implications for organizations. This will be achieved by reviewing the literature on biometrics and business ethics and drawing from disciplines such as computer ethics to inform a more robust discussion of key themes. Although there are many ethical concerns, privacy is the key issue, with associated themes. These include definitions of privacy, the privacy paradox, informed consent, regulatory frameworks and guidelines, and discrimination. Despite the proliferation of biometric technology, there is little empirical research on applied biometrics and business ethics. As such, there are several avenues for research to improve understanding of the ethical implications of using this technology.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
This review was updated in October 2018.
References
Albrecht, J. P. (2016). How the GDPR will change the world. European Data Protection Law Review, 2, 287–289.
Alterman, A. (2003). “A piece of yourself”: Ethical issues in biometric identification. Ethics and Information Technology, 5(3), 139–150.
Ball, K. (2005). Organization, surveillance and the body: Towards a politics of resistance. Organization, 12(1), 89–108.
Bhattacharyya, D., Ranjan, R., Alisherov, F., & Choi, M. (2009). Biometric authentication: A review. International Journal of u-and e-Service, Science and Technology, 2(3), 13–28.
Breland, A. (2017). How white engineers built racist code—and why it’s dangerous for black people. https://www.theguardian.com/technology/2017/dec/04/racist-facial-recognition-white-coders-black-people-police. Accessed 1 Nov 2018.
Brown, W. S. (1996). Technology, workplace privacy and personhood. Journal of Business Ethics, 15(11), 1237–1248.
Brusoni, S., & Vaccaro, A. (2017). Ethics, technology and organizational innovation. Journal of Business Ethics, 143(2), 223–226.
Buchholz, R. A., & Rosenthal, S. B. (2002). Technology and business: Rethinking the moral dilemma. Journal of Business Ethics, 41(1–2), 45–50.
Campisi, P. (2013). Security and privacy in biometrics (Vol. 24). New York: Springer.
Carpenter, D., McLeod, A., Hicks, C., & Maasberg, M. (2018). Privacy and biometrics: An empirical examination of employee concerns. Information Systems Frontiers, 20(1), 91–110.
Cavoukian, A., Chibba, M., & Stoianov, A. (2012). Advances in biometric encryption: Taking privacy by design from academic research to deployment. Review of Policy Research, 29(1), 37–61.
Corcoran, P., & Costache, C. (2016). Smartphones, biometrics, and a brave new world. IEEE Technology and Society Magazine, 35(3), 59–66.
Custers, B., Dechesne, F., Sears, A. M., Tani, T., & van der Hof, S. (2018). A comparison of data protection legislation and policies across the EU. Computer Law and Security Review, 34(2), 234–243.
D’Mello, S. K., Craig, S. D., & Graesser, A. C. (2009). Multimethod assessment of affective experience and expression during deep learning. International Journal of Learning Technology, 4(3–4), 165–187.
D’Mello, S. K., & Graesser, A. (2010). Multimodal semi-automated affect detection from conversational cues, gross body language, and facial features. User Modeling and User-Adapted Interaction, 20(2), 147–187.
Davis, J., & Nathan, L. P. (2015). Value sensitive design: Applications, adaptations, and critiques. In Handbook of ethics, values, and technological design (pp. 11–40). New York: Springer.
de Vries, R. E., & van Gelder, J.-L. (2015). Explaining workplace delinquency: The role of Honesty–Humility, ethical culture, and employee surveillance. Personality and Individual Differences, 86, 112–116.
Dhanani, L. Y., Beus, J. M., & Joseph, D. L. (2018). Workplace discrimination: A meta-analytic extension, critique, and future research agenda. Personnel Psychology, 71(2), 147–179.
Dierksmeier, C., & Seele, P. (2018). Cryptocurrencies and business ethics. Journal of Business Ethics, 152(1), 1–14.
Dixon, P. (2008). Ethical issues implicit in library authentication and access management: Risks and best practices. Journal of Library Administration, 47(3–4), 141–162.
Economist, T. (2017). Advances in AI are used to spot signs of sexuality. https://www.economist.com/news/science-and-technology/21728614-machines-read-faces-are-coming-advances-ai-are-used-spot-signs. Accessed 1 Nov 2018.
European Commission. (2018a). What does the General Data Protection Regulation (GDPR) govern? https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-does-general-data-protection-regulation-gdpr-govern_en. Accessed 28 Dec.
European Commission. (2018b). What data can we process and under what conditions? https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/principles-gdpr/what-data-can-we-process-and-under-which-conditions_en. Accessed 29 Dec.
Evans, R., McNamee, M., & Owen, G. (2017). Ethics, nanobiosensors and elite sport: The need for a new governance framework. Science and Engineering Ethics, 23(6), 1487–1505.
Eyers, J. (2017). Westpac testing AI to monitor staff and customers. Australian Financial Review. November 14. https://www.afr.com/technology/westpac-testing-ai-to-monitor-staff-and-customers-20171114-gzks7h. Accessed 29 Dec 2018.
Fairweather, N. B. (1999). Surveillance in employment: The case of teleworking. Journal of Business Ethics, 22(1), 39–49.
Grafsgaard, J., Wiggins, J. B., Boyer, K. E., Wiebe, E. N., & Lester, J. (2013). Automatically recognizing facial expression: Predicting engagement and frustration. In Proceedings of the 6th International Conference on Educational Data Mining (pp. 43–50).
Greenwood, M., & Van Buren, I. I. I., H. J (2010). Trust and stakeholder theory: Trustworthiness in the organisation–stakeholder relationship. Journal of Business Ethics, 95(3), 425–438.
Gregersen, A., Langkjær, B., Heiselberg, L., & Wieland, J. L. (2017). Following the viewers: Investigating television drama engagement through skin conductance measurements. Poetics, 64, 1–13.
Gurdus, E. (2017). UnitedHealthcare and Fitbit to pay users up to $1,500 to use devices, Fitbit co-founder says. https://www.cnbc.com/2017/01/05/unitedhealthcare-and-fitbit-to-pay-users-up-to-1500-to-use-devices.html. Accessed 4 Nov 2018.
Hassib, M., Schneegass, S., Eiglsperger, P., Henze, N., Schmidt, A., & Alt, F., EngageMeter: A system for implicit audience engagement sensing using electroencephalography. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, 2017 (pp. 5114–5119): ACM.
Henschke, A. (2017). Ethics in an age of surveillance: Personal information and virtual identities. Cambridge: Cambridge University Press.
Herschel, R., & Miori, V. M. (2017). Ethics and big data. Technology in Society, 49, 31–36.
Holland, P. J., Cooper, B., & Hecker, R. (2015). Electronic monitoring and surveillance in the workplace: The effects on trust in management, and the moderating role of occupational type. Personnel Review, 44(1), 161–175.
Hoofnagle, C. J., King, Jennifer, Li, Su, & Turow, J. (2010). How different are young adults from older adults when it comes to information privacy attitudes and policies?. Available at https://doi.org/10.2139/ssrn.1589864.
Hou, R. (2017). Neoliberal governance or digitalized autocracy? The rising market for online opinion surveillance in China. Surveillance and Society, 15(3/4), 418–424.
Introna, L., & Nissenbaum, H. (2010). Facial recognition technology a survey of policy and implementation issues. Lancaster University Management School Working Paper (Vol. 2010/030): Lancaster University.
Jain, A. K., Hong, L., & Pankanti, S. (2000). Biometric identification. Communications of the ACM, 43(2), 90–98.
Jain, A. K., & Kumar, A. (2012). Biometric recognition: an overview. In Second generation biometrics: The ethical, legal and social context (pp. 49–79). New York: Springer.
Jain, A. K., Ross, A. A., & Nandakumar, K. (2011). Introduction. In Introduction to biometrics (pp. 1–49). New York: Springer.
Karkazis, K., & Fishman, J. R. (2017). Tracking US professional athletes: The ethics of biometric technologies. The American Journal of Bioethics, 17(1), 45–60.
Kirchberg, V., & Tröndle, M. (2012). Experiencing exhibitions: A review of studies on visitor experiences in museums. Curator, 55(4), 435–452.
Kirchberg, V., & Tröndle, M. (2015). The museum experience: Mapping the experience of fine art. Curator, 58(2), 169–193.
Klare, B. F., Burge, M. J., Klontz, J. C., Bruegge, R. W. V., & Jain, A. K. (2012). Face recognition performance: Role of demographic information. IEEE Transactions on Information Forensics and Security, 7(6), 1789–1801.
Kokolakis, S. (2017). Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon. Computers and Security, 64, 122–134.
Li, Y., Kobsa, A., Knijnenburg, B. P., & Nguyen, M. C. (2017). Cross-cultural privacy prediction. Proceedings on Privacy Enhancing Technologies, 2017(2), 113–132.
Loch, K. D., Conger, S., & Oz, E. (1998). Ownership, privacy and monitoring in the workplace: A debate on technology and ethics. Journal of Business Ethics, 17(6), 653–663.
Lodge, J. (2006). Ethical EU eJustice: Elusive or illusionary? Journal of Information, Communication and Ethics in Society, 4(3), 131–144.
Lodge, J. (2012). The dark side of the moon: Accountability, ethics and new biometrics. In Second generation biometrics: The ethical, legal and social context (pp. 305–328). New York: Springer.
Lupton, D. (2013). Quantifying the body: Monitoring and measuring health in the age of mHealth technologies. Critical Public Health, 23(4), 393–403.
Lupton, D. (2016a). The diverse domains of quantified selves: Self-tracking modes and dataveillance. Economy and Society, 45(1), 101–122.
Lupton, D. (2016b). Personal data practices in the age of lively data. Digital sociologies, 335–350.
Lupton, D. (2016c). You are your data: Self-tracking practices and concepts of data. In Lifelogging (pp. 61–79): Springer.
Lupton, D. (2017). Feeling your data: Touch and making sense of personal digital data. New Media and Society, 19(10), 1599–1614.
Malsch, I. (2013). The just war theory and the ethical governance of research. Science and Engineering Ethics, 19(2), 461–486.
Maltseva, K., & Lutz, C. (2018). A quantum of self: A study of self-quantification and self-disclosure. Computers in Human Behavior, 81, 102–114.
Martella, C., Gedik, E., Cabrera-Quiros, L., Englebienne, G., & Hung, H. (2015). How was it?: Exploiting smartphone sensing to measure implicit audience responses to live performances. In Proceedings of the 23rd ACM International conference on Multimedia (pp. 201–210). Brisbane Australia.
Martella, C., Miraglia, A., Frost, J., Cattani, M., & van Steen, M. (2017). Visualizing, clustering, and predicting the behavior of museum visitors. Pervasive and Mobile Computing, 38, 430–443.
Martin, A. J., Wellen, J. M., & Grimmer, M. R. (2016). An eye on your work: How empowerment affects the relationship between electronic surveillance and counterproductive work behaviours. The International Journal of Human Resource Management, 27(21), 2635–2651.
Martin, K. (2016). Understanding privacy online: Development of a social contract approach to privacy. Journal of Business Ethics, 137(3), 551–569.
Martin, K. (2018). Ethical implications and accountability of algorithms. Journal of Business Ethics, 1–16.
Martin, K., & Freeman, R. E. (2003). Some problems with employee monitoring. Journal of Business Ethics, 43(4), 353–361.
Martin, K. E., & Freeman, R. E. (2004). The separation of technology and ethics in business ethics. Journal of Business Ethics, 53(4), 353–364.
McDaniel, B., D’Mello, S., King, B., Chipman, P., Tapp, K., & Graesser, A. (2007). Facial features for affective state detection in learning environments. In D.S. McNamara and J.G. Trafton (Eds.) Proceedings of the 29th Annual Cognitive Science Society, (pp. 467–472), Austin.
McStay, A. (2014). Privacy and philosophy: New media and affective protocol. New York, Peter Lang.
McStay, A. (2016). Empathic media and advertising: Industry, policy, legal and citizen perspectives (the case for intimacy). Big Data and Society, 3(2), 1–11.
McStay, A. (2018). Emotional AI: The rise of empathic media. Bangor: Sage.
Milligan, C. S. (1999). Facial recognition technology, video surveillance, and privacy. Southern California Interdisciplinary Law Journal, 9, 295.
Miltgen, C. L., & Peyrat-Guillard, D. (2014). Cultural and generational influences on privacy concerns: A qualitative study in seven European countries. European Journal of Information Systems, 23(2), 103–125.
Mingers, J., & Walsham, G. (2010). Toward ethical information systems: The contribution of discourse ethics. MIS Quarterly, 34(4), 833.
Moore, P., & Piwek, L. (2017). Regulating wellbeing in the brave new quantified workplace. Employee Relations, 39(3), 308–316.
Murry, W. D., Wimbush, J. C., & Dalton, D. R. (2001). Genetic screening in the workplace: Legislative and ethical implications. Journal of Business Ethics, 29(4), 365–378.
Naker, S., & Greenbaum, D. (2017). Now you see me: Now you still do: Facial recognition technology and the growing lack of privacy. Boston University Journal of Science & Technology Law, 23, 88.
Nissenbaum, H. (2004). Privacy as contextual integrity. Washington Law Review, 79, 119–158.
Nissenbaum, H. (2009). Privacy in context: Technology, policy, and the integrity of social life. Stanford: Stanford University Press.
Nissenbaum, H. (2011). A contextual approach to privacy online. Daedalus, 140(4), 32–48.
NIST (2018). National Institute of Standards and Technology Face Recognition Vendor Test. https://www.nist.gov/programs-projects/face-recognition-vendor-test-frvt. Accessed 4 Nov.
Norval, A., & Prasopoulou, E. (2017). Public faces? A critical exploration of the diffusion of face recognition technologies in online social networks. New Media and Society, 19(4), 637–654.
Nunan, D., & Di Domenico, M. (2017). Big data: A normal accident waiting to happen? Journal of Business Ethics, 145(3), 481–491.
Odoherty, K. C., Christofides, E., Yen, J., Bentzen, H. B., Burke, W., Koenig, N. H. A., et al. (2016). If you build it, they will come: Unintended future uses of organised health data collections. BMC Medical Ethics, 17(54), 1–16.
Park, Y. J. (2013). Digital literacy and privacy behavior online. Communication Research, 40(2), 215–236.
Park, Y. J., & Skoric, M. (2017). Personalized ad in your Google Glass? Wearable technology, hands-off data collection, and new policy imperative. Journal of Business Ethics, 142(1), 71–82.
Pentina, I., Zhang, L., Bata, H., & Chen, Y. (2016). Exploring privacy paradox in information-sensitive mobile app adoption: A cross-cultural comparison. Computers in Human Behavior, 65, 409–419.
Prabhakar, S., Pankanti, S., & Jain, A. K. (2003). Biometric recognition: Security and privacy concerns. IEEE Security and Privacy, 99(2), 33–42.
Royakkers, L., Timmer, J., Kool, L., & Rinie van, E. (2018). Societal and ethical issues of digitization. Ethics and Information Technology, 20(2), 127–142.
Schuelke-Leech, B. A. (2018). A model for understanding the orders of magnitude of disruptive technologies. Technological Forecasting and Social Change, 129, 261–274.
Schumacher, G. (2012). Behavioural biometrics: Emerging trends and ethical risks. In Second Generation Biometrics: The Ethical, Legal and Social Context (pp. 215–227). New York: Springer.
Sheehy, B. (2015). Defining CSR: Problems and solutions. Journal of Business Ethics, 131(3), 625–648.
Shi, X., & Wu, X. (2017). An overview of human genetic privacy. Annals of the New York Academy of Sciences, 1387(1), 61–72.
Smith, G. J. D., San Roque, M., Westcott, H., & Marks, P. (2013). Surveillance texts and textualism: Truthtelling and trustmaking in an uncertain world. Surveillance and Society, 11(3), 215–221.
Soleymani, M., Asghari-Esfeden, S., Pantic, M., & Fu, Y. Continuous emotion detection using EEG signals and facial expressions. In Multimedia and Expo (ICME), 2014 IEEE International Conference on, 2014 (pp. 1–6): IEEE**.
Sprokkereef, A., and de Hert, P. (2012). Biometrics, privacy and agency. In Second generation biometrics: The ethical, legal and social context (pp. 81–101). New York: Springer.
Sud, M., & VanSandt, C. (2015). Identity rights: A structural void in inclusive growth. Journal of Business Ethics, 132(3), 589–601.
Sutrop, M., & Laas-Mikko, K. (2012). From identity verification to behavior prediction: Ethical implications of second generation biometrics. Review of Policy Research, 29(1), 21–36.
Taddicken, M. (2014). The ‘privacy paradox’in the social web: The impact of privacy concerns, individual characteristics, and the perceived social relevance on different forms of self-disclosure. Journal of Computer-Mediated Communication, 19(2), 248–273.
Trocchia, P. J., & Ainscough, T. L. (2006). Characterizing consumer concerns about identification technology. International Journal of Retail and Distribution Management, 34(8), 609–620.
Ulman, Y. I., Cakar, T., & Yildiz, G. (2015). Ethical issues in neuromarketing: “I Consume, Therefore I am!”. Science and Engineering Ethics, 21(5), 1271–1284.
Unar, J., Seng, W. C., & Abbasi, A. (2014). A review of biometric technology along with trends and prospects. Pattern Recognition, 47(8), 2673–2688.
Van der Ploeg, I. (2003). Biometrics and privacy: A note on the politics of theorizing technology. Information, Communication and Society, 6(1), 85–104.
Wang, C., & Cesar, P. Do we react in the same manner?: Comparing GSR patterns across scenarios. In Proceedings of the 8th Nordic Conference on Human-Computer Interaction: Fun, Fast, Foundational, 2014 (pp. 501–510): ACM.
Wang, C., & Cesar, P. The play is a hit: But how can you tell? In Proceedings of the 2017 ACM SIGCHI Conference on Creativity and Cognition, 2017 (pp. 336–347): ACM.
Wang, C., Geelhoed, E. N., Stenton, P. P., & Cesar, P. Sensing a live audience. In Proceedings of the 32nd annual ACM conference on Human factors in computing systems, 2014 (pp. 1909–1912): ACM.
Wang, C., Wong, J., Zhu, X., Röggla, T., Jansen, J., & Cesar, P. Quantifying audience experience in the wild: Heuristics for developing and deploying a biosensor infrastructure in theaters. In Quality of Multimedia Experience (QoMEX), 2016 Eighth International Conference on IEEE, 2016 (pp. 1–6).
Webb, A. M., Wang, C., Kerne, A., & Cesar, P. Distributed liveness: Understanding how new technologies transform performance experiences. In Proceedings of the 19th ACM Conference on Computer-Supported Cooperative Work and Social Computing, 2016 (pp. 432–437): ACM.
West, J. P., & Bowman, J. S. (2016). Electronic surveillance at work: An ethical analysis. Administration and Society, 48(5), 628–651.
Whitehill, J., Serpell, Z., Lin, Y.-C., Foster, A., & Movellan, J. R. (2014). The faces of engagement: Automatic recognition of student engagementfrom facial expressions. IEEE Transactions on Affective Computing, 5(1), 86–98.
Winter, J. S. (2014). Surveillance in ubiquitous network societies: Normative conflicts related to the consumer in-store supermarket experience in the context of the Internet of Things. Ethics and Information Technology, 16(1), 27–41.
Winter, S. J., Stylianou, A. C., & Giacalone, R. A. (2004). Individual differences in the acceptability of unethical information technology practices: The case of Machiavellianism and ethical ideology. Journal of Business Ethics, 54(3), 273–301.
Zarsky, T. Z. (2017). Incompatible: The GDPR in the age of big data. Seton Hall Law Review, 47(4), 995–1020.
Zhao, W., Chellappa, R., Phillips, P. J., & Rosenfeld, A. (2003). Face recognition: A literature survey. ACM Computing Surveys, 35(4), 399–458.
Zwitter, A. (2014). Big data ethics. Big Data and Society, 1(2), 1–6.
Wickins, J. (2007). The ethics of biometrics: the risk of social exclusion from the widespread use of electronic identification. Science and Engineering Ethics, 13(1), 45–54.
Finn, R. L., Wright, D., & Friedewald, M. (2013). Seven types of privacy. In European data protection: coming of age (pp. 3–32). Dordrecht: Springer.
Jain, A. K., Ross, A., & Prabhakar, S. (2004). An introduction to biometric recognition. IEEE Transactions on circuits and systems for video technology, 14(1), 1–29.
Acknowledgements
Feedback from the anonymous reviewers informed this updated version; I greatly appreciate their efforts and useful suggestions in improving the manuscript. I would also like to acknowledge the research assistance of Ishan Senarathna. I would also like to thank Nicholas Patterson and Matthew Warren for their feedback and guidance in the early stages.
Funding
Funding for this research was provided by the Deakin Business School, Centre for Sustainable and Responsible Organisations (CSaRO).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
I declare that I have no conflict of interest.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
An earlier version of this paper was accepted for the 77th Academy of Management Meeting.
Rights and permissions
About this article
Cite this article
North-Samardzic, A. Biometric Technology and Ethics: Beyond Security Applications. J Bus Ethics 167, 433–450 (2020). https://doi.org/10.1007/s10551-019-04143-6
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10551-019-04143-6