According to Cointelegraph, biometric data collected by the tech industry introduces multiple risk vectors to end users and imposes massive costs on tech companies. Evin McMullen, co-founder of Privado ID, a decentralized identity project using zero-knowledge cryptography, recently explained how decentralized blockchains mitigate these risks.
McMullen highlighted that biometric data isn't just processed or stored through traditional Big Tech companies like Google, Apple, or Microsoft. Instead, the data often passes through a complex supply chain of service providers, exposing user data to multiple third parties. McMullen emphasized that data should be shared on a need-to-know basis. Whenever possible, biometrics can be collected using mobile phones and kept on the device itself, never shared away from the device or connected to the internet. Instead, a zero-knowledge proof can be created. Zero-knowledge proofs verify data without revealing specific contents, limiting data exposure. Blockchain keys can control who gets access to biometric information.
Collecting biometric data presents significant cybersecurity, regulatory compliance, and storage costs for tech firms. McMullen noted that it is in the economic best interest of many businesses to avoid storing biometric data. Individual requests to remove or delete biometric data from information repositories are notoriously difficult to search for or amend but must maintain compliance with regulatory frameworks such as the European Union's General Data Protection Regulation (GDPR). The centralized nature of data storage by traditional tech companies creates opportunities for malicious actors to attack the firm's security infrastructure and steal sensitive user data. These centralized points of failure and the monopolistic assumptions of traditional tech providers are remedied by the decentralization inherent in blockchain identity solutions.
McMullen also touched on the potential for centralized biometric databases to be used for human rights abuses, an often overlooked concern. Using a historical example, McMullen noted that during World War II, the thorough documentation of Know Your Customer, banking, and voting records led to the systematic persecution of ethnic minorities in Europe. This point was previously argued by Nym CEO Harry Halpin, who used the historical backdrop of the Second World War to illustrate why privacy is a human right and to defend the founders of Tornado Cash.