The CSR Newsletters are a freely-available resource generated as a dynamic complement to the textbook, Strategic Corporate Social Responsibility: Sustainable Value Creation.

To sign-up to receive the CSR Newsletters regularly during the fall and spring academic semesters, e-mail author David Chandler at david.chandler@ucdenver.edu.

Friday, November 18, 2016

Strategic CSR - Biometric data

The article in the url below highlights the growing complexity of the task facing companies that are collecting ever growing amounts of their employees' personal data:
 
"As the advent of widescale use of biometric data approaches, companies already struggling to protect the personal information of their employees and business partners will have to ramp up their security to even higher levels to protect the even-more-sensitive fingerprints and iris scans that will be in their possession."
 
In particular, the concern is with innovations that are designed in to increase security by relying on biometric data for identification. The reason these data are more secure is because they are unique to the individual. While this increases security, however, it also raises the stakes should those data be compromised:
 
"While the ramifications of a stolen password can be a pain for the affected person or company, the password can be changed and the damage limited. But stealing someone's fingerprint, palm print or iris scan can lead to a lifetime of problems, said David Meyer, vice president of products, OneLogin, an identity and access-management firm. 'The risks or consequences if biometric data get compromised are larger than if a password secret gets compromised,' said Mr. Meyer. A person can always change their password or get a new ID badge, 'but they can't change their fingerprint or facial geometry.'"
 
Hmmmmmm. In practice, however, I wonder how different this is. While a password can certainly be reset, I am not sure that a social security number (National Insurance number in the UK) can be changed nearly so easily – perhaps about as easily as someone's "facial geometry." And, as far as I am aware, my SSN has been compromised so many times, it is surely available to the highest bidder on various dodgy websites. Clearly there is an emerging business opportunity for someone who can develop a cosmetic surgery process to alter fingerprints – no doubt, iris scans will be a little more complicated.
 
Have a good weekend
David
 
 
Instructor Teaching and Student Study Site: https://study.sagepub.com/chandler4e
Strategic CSR Simulation: http://www.strategiccsrsim.com/
The library of CSR Newsletters are archived at: https://strategiccsr-sage.blogspot.com/
 
 
Biometric Data Raises Privacy Stakes
By Ben DiPietro
July 25, 2016
The Wall Street Journal