Tag: biometric
Amazon faces lawsuit over alleged biometric tracking at Go stores in New York
Back in 2021, a law took effect in New York City that requires businesses to post conspicuous signs if they’re collecting customers’ biometric information, such as their facial scans and fingerprints. Now, Amazon is facing a proposed class-action lawsuit that accuses the company of failing to inform customers at its Go cashierless stores that it was collecting their biometrics.
In the lawsuit (PDF), filed by Alfredo Alberto Rodriguez Perez, the plaintiff argues that Go stores constantly use customers’ biometrics “by scanning [their palms] to identify them and by applying computer vision, deep learning algorithms, and sensor fusion that measure the shape and size of each customer’s body to identify customers, track where they move in the stores, and determine what they have purchased.” It said the company only put up signs about its biometric tracking activities over a year after the law went into effect.
Amazon’s Go stores give shoppers the option to take whatever product they have off shelves and walk out without the need to check out. To be able to enter these stores, customers will need to scan a code from the Amazon app with a connected credit card. However, some locations offer Amazon One, the e-commerce giant’s palm-based identity and payment service, as an entry option. The plaintiff’s complaint said the sign informs customers that Amazon will not be collecting their biometrics unless they choose to sign up for Amazon One. However, “Amazon Go stores do collect biometric identifier information on every single customer, including information on the size and shape of every customers body,” the complaint argues.
In a statement sent to NBC News, an Amazon spokesperson defended the company’s practices and technologies. They explained that Amazon does not use facial recognition, and any system it uses to identify shoppers inside its Go stores don’t constitute biometric tech. “Only shoppers who choose to enroll in Amazon One and choose to be identified by hovering their palm over the Amazon One device have their palm-biometric data securely collected,” they insisted, “and these individuals are provided the appropriate privacy disclosures during the enrollment process.”
The lawsuit’s outcome could then depend on whether the court sees someone’s body shape and size as biometric information. In the complaint, the plaintiff quotes NYC Admin Code 22-1201’s definition of a biometric identifier in context of the law as “a physiological or biological characteristic that is used by or on behalf of a commercial establishment, singly or in combination, to identify, or assist in identifying, an individual, including, but not limited to: (i) a retina or iris scan, (ii) a fingerprint or voiceprint, (iii) a scan of hand or face geometry, or any other identifying characteristic.”
This article originally appeared on Engadget at https://www.engadget.com/amazon-faces-lawsuit-over-alleged-biometric-tracking-at-go-stores-in-new-york-144429703.html?src=rss
Amazon Go Store Accused of Violating NYC’s Biometric Surveillance Law
Amazon is facing a class-action lawsuit that was filed on Thursday, claiming the company did not inform Amazon Go customers that they were being recorded at its New York City location. According to the lawsuit, Amazon was in violation of the Biometric Identifier Information Law passed in 2021 which requires all New…
What Are The Benefits of Biometric Security?
Given that the success of the internet is predicated on people’s willingness to trust one another, user identification and access…
The post What Are The Benefits of Biometric Security? appeared first on TechRound.
Verification, authentication, recognition: Deciphering biometric terms
You can now hide Google Chrome Incognito tabs behind a biometric lock on Android
Researcher buys US military device containing sensitive biometric data for $68 from eBay
The New York Times reports that Matthias Marx, head of a group of European researchers called the Chaos Computer Club, bought six biometric capture devices on eBay, most of them for under $200. The group intended to analyze the machines to search for vulnerabilities following a 2021 report from The…
US military biometric capture devices loaded with data were sold on eBay
Old US military equipment being sold on eBay contained what appears to be biometric data from troops, known terrorists, and people who may have worked with American forces in Afghanistan and other countries in the Middle East, according to a report from The New York Times. The devices were purchased by a group of hackers, who found fingerprints, iris scans, peoples’ pictures, and descriptions, all unencrypted and protected by a “well-documented” default password. In a blog post, the hackers called getting at the sensitive data “downright boring,” given how easy it was to read, copy, and analyze.
Matthias Marx, who lead the group’s efforts in researching the devices, doesn’t think that the data itself is boring, though, calling the fact…
Biometric devices sold on eBay reportedly contained sensitive US military data
German researchers who purchased biometric capture devices on eBay found sensitive US military data stored on their memory cards, The New York Times has reported. That included fingerprints, iris scans, photographs, names and descriptions of the individuals, mostly from Iraq and Afghanistan. Many worked with the US army and could be targeted if the devices fell into the wrong hands, according to the report.
A group of researchers called the Chaos Computer Club, led by Matthias Marx, bought six of the devices on eBay, most for under $200. They were spurred by a 2021 report from The Intercept that the Taliban had seized similar US military biometric devices. As such, they wanted to see if they contained identifying data on people who assisted the US Military that could put them at risk.
They were “shocked” by the results, according to the report. On the memory card of one device, they found the names, nationalities, photographs, fingerprints and iris scans of 2,632 people. Other metadata showed it had been used near Kandahar, Afghanistan in the summer of 2012. Another device was used in Jordan in 2013 and contained the fingerprints and iris scans of a small group of US military personnel.
Such devices were used to identify insurgents, verify local and third-country nationals accessing US bases and link people to events, according to a 2011 guide to the devices. “It was disturbing that [the US military] didn’t even try to protect the data,” Marx told the NY Times. “They didn’t care about the risk, or they ignored the risk.
One device was purchased at a military auction, and the seller said they were not aware that it contained sensitive data. The sensitive information was stored on a memory card, so the US military could have eliminated the risk by simply removing or destroying the cards before selling them.
“Because we have not reviewed the information contained on the devices, the department is not able to confirm the authenticity of the alleged data or otherwise comment on it,” Defense Department press secretary Brig. Gen. Patrick S. Ryder told the Times. “The department requests that any devices thought to contain personally identifiable information be returned for further analysis.”
Given the sensitivity of the information, the group plans to delete any personally identifiable information found on the devices. Another researcher noted that any individuals found on such devices aren’t safe even if they changed their identities, and should be given asylum by the US government.
EU lawmakers are calling for a full ban on biometric surveillance
The MEPs and a coalition of 76 NGOs agreed to not support the upcoming AI Act if it does not include a ban on the use of biometric surveillance.
Read more: EU lawmakers are calling for a full ban on biometric surveillance