The need for a global consideration of the human rights implications of biometrics
- Author(s):
- Parliamentary Assembly
- Origin
- Text adopted by
the Standing Committee, acting on behalf of the Assembly, on 11
March 2011 (see Doc. 12522, report
of the Committee on Legal Affairs and Human Rights, rapporteur:
Mr Haibach; and Doc. 12528,
opinion of the Committee on Culture, Science and Education, rapporteur:
Ms Brasseur). See also Recommendation
1960 (2011).
- Thesaurus
1. In the aftermath of the events
of 11 September 2001, security issues have become a priority at
the global level. They have led to an ongoing search for secure
and reliable methods of verification of an individual’s identity,
through his or her physical traits, by using biometrics. Due to
its rapid development, biometric technology offers a possible solution
to various security concerns, but it also puts several human rights
at risk, including the right to respect for private life, the right
to a fair trial and the presumption of innocence, freedom of movement
and the prohibition of discrimination, as enshrined in the European
Convention on Human Rights (ETS No. 5).
2. The Parliamentary Assembly notes that there is a need to properly
balance security and the protection of human rights and fundamental
freedoms, including the right to privacy. The broad technical scope
of biometrics, its rapid development and member states’ willingness
to make use of it for multiple purposes may not yet be appropriately
reflected in member states’ legislation for the safeguarding of
human rights. Once a new technology has found its way into everyday
life, it becomes more difficult to implement, or even adopt, a proper
legal framework. Member states should therefore deal with the legal
issues relating to biometrics without delay.
3. At the European level, the existing legal framework remains
vague, as there is no generally accepted definition of “biometric
data”. Thus, the Assembly strongly believes that the Council of
Europe itself should take steps to ensure that this legal framework
is enhanced and modernised.
4. The Assembly therefore calls upon member states to:
4.1 adopt specific legislation on
the use of biometric technologies to protect individuals from abuses of
the rights enshrined in the European Convention on Human Rights,
the Convention for the Protection of Human Rights and Dignity of
the Human Being with regard to the Application of Biology and Medicine: Convention
on Human Rights and Biomedicine (“Oviedo Convention”, ETS No. 164)
and other instruments on human rights protection, in particular
to:
4.1.1 elaborate a standardised definition of “biometric
data”;
4.1.2 revise the existing regulations concerning the general
protection of personal data by adjusting them to current applications
of enhanced biometric technologies;
4.2 keep their legislation under review in order to meet the
challenges stemming from the further development of biometric technologies,
including so-called “second generation” biometrics;
4.3 promote proportionality in dealing with biometric data,
in particular by:
4.3.1 limiting their evaluation, processing
and storage to cases of clear necessity, namely when the gain in
security or in the protection of public health or of the rights
of others clearly outweighs a possible interference with human rights
and if the use of other, less intrusive techniques does not suffice;
4.3.2 providing individuals who are unable or unwilling to provide
biometric data with alternative methods of identification and verification,
where such data may unnecessarily include personal medical or health
information;
4.3.3 working with data from biometric templates instead of
raw data, whenever possible;
4.3.4 ensuring the right of individuals to be informed about
the collection and processing of their biometric data;
4.3.5 enhancing transparency as a precondition for a person’s
meaningful consent to providing biometric data and, where appropriate,
facilitating the revocation of consent;
4.3.6 allowing individuals access to their data and/or the right
to have it erased or rectified;
4.3.7 providing for appropriate storage systems, in particular
by reducing centralised storage of data to the strict minimum, as
well as by avoiding abusive pooling of unrelated data storage systems;
4.3.8 ensuring that biometric data is only used for the purpose
for which they have been lawfully collected and preventing unauthorised
transmission of, or access to, such data;
4.4 establish, as appropriate, supervisory bodies to control
the implementation of relevant legislation and provide for effective
remedies for individuals in case of violations of their human rights
and fundamental freedoms;
4.5 strengthen the private sector’s compliance with existing
data protection laws when using biometric technology, especially
by:
4.5.1 ensuring accountability of data controllers;
4.5.2 requiring adequate training of those handling biometric
data;
4.6 promote multidisciplinary research on new biometric technologies
that would ensure a balance between the need for enhanced security
and the respect for privacy, human dignity and transparency;
4.7 assess potential risks resulting from the use of biometrics
for human rights and fundamental freedoms and share results between
member states.
5. The Assembly also calls on member states to step up international
co-operation, in particular with the United Nations, the Organisation
for Economic Co-operation and Development and the European Union,
with a view to harmonising standards on biometrics, in conformity
with international human rights standards.