India Preparatory Meeting: Biometrics and Data Protection RISE Conference Presentations – India, 24 September 2009 1. Mr. Emilio Mordini, Coordinator, Project RISE – Introduction to the Theme of the Conference emilio.mordini@cssc.eu This presentation introduces the theme of biometrics and data protection by discussing the EC’s framework programmes on research, development and technology and listing several projects and conferences that address the impact of biometric technology. The features of surveillance technologies are explored, and both conventional biometrics and new emerging biometric applications are considered. The overview also questions the concepts of identity and human recognition. Finally, the presentation considers whether biometrics can be liberating and perhaps even improve global justice. 2. Kush Wadhwa, Managing Director, Global Security Intelligence – Panel on Differences and Commonalities – Asia, Europe, and the U.S. kwadhwa@globalseci.com This presentation introduces the panel discussion on the differences and commonalities regarding biometrics and data protection amongst Asia, Europe and the U.S. The key themes covered by the panel include data protection, the emergence of the “surveillance society,” and the pervasiveness of biometrics. This introduction emphasizes the importance of biometrics and security ethics given the potential scope of its impact and high-levels of risk. Several questions regarding the current and future state of surveillance technologies are also posed for discussion by the panel. 3. Mr. Sundeep Nehra, Sr. Director, Deloitte - Biometric Systems & Privacy Concerns (**This presentation had no name. I am guessing that it belong to Mr. Nehra from Deloitte.) snehra@deloitte.com This presentation provides an overview of biometrics, privacy concerns, and best practices. Data collected using biometric technology can be gathered from a multitude of sources, including a person’s appearance, social behavior, bio-dynamics, physiography and features. Because most of that data can be considered highly sensitive, privacy concerns must be addressed. One way to do this is to implement best practices that put the user in control of protecting their own data. The presentation concluded with an illustration of Deloitte’s risk-based approach to privacy and data protection. 4. Kamlesh Bajaj, CEO, Data Security Council of India (DSCI) - DSCI and Data Protection kamlesh.bajaj@dsci.in This presentation discusses data protection and regulation compliance in India. The protection of sensitive data is a top business priority, as clients from around the world are outsourcing to IT/BPO service providers in India. To safeguard sensitive information, the government has enacted new laws that promote a stronger data protection regime through the implementation of reasonable security practices. The industry has responded by creating the Data Security Council of India as a selfregulatory organization to promote best practices for security and privacy. These practices will also be applicable in addressing the data protection challenges in the domestic marketplace, since the increasing pervasiveness of IT has changed the personal and social landscape in India resulting in new concerns regarding privacy. This presentation provides an overview of the amendments that affect privacy protection in India, as well as the DSCI privacy principles and data security practices. 5. Zia Saquib, Executive Director, CDAC Mumbai - Controlled Identity Revelation saquib@cdacmumbai.in This presentation was included under a panel discussing case studies on the secure & privacy enhancing use of biometrics (e.g., Banking, e-Passports, and National IDs). Mr. Saquib acknowledges that identification is a sensitive issue, and presents several ideas for implementing privacy enhancing biometrics. The presentation concluded with a case study discussion of the b-SID (Seafarer’s Identification Document), implemented by India’s Ministry of Shipping. 6. Nandita Jain Mahajan, Chief Privacy & Information Security Officer, IBM India/South Asia and Nalini K. Ratha Ph.D., Research Staff Member, Exploratory Computer Vision Group, IBM T.J. Watson Research Center Biometrics in IT/ITes Organizations: Application, Challenges, and Recent Research nandita.jain.mahajan@dc.ibm.com ratha@us.ibm.com This presentation discusses biometrics technology and applications in IT/ITes organizations. After introducing emerging biometrics applications and providing an overview of biometrics systems architecture, several questions are posed: Is there a technology that provides adequate safeguards to our data? Can one biometric technology satisfy certain defined key attributes, such as universality, uniqueness, and acceptability? How do we best address large throughput volumes? The presentation also considers which available biometrics might be best integrated and discusses the privacy issues that may be introduced as a result. The presentation concludes with several examples of biometric research and applications, including SmartCard fingerprint identification, dynamic signature recognition, and conversational biometrics.