Ireland: Preserving Privacy In The Age Of Biometrics (mondaq)
The Office of the Irish Data Protection Commissioner ('ODPC') recently published its audit report regarding Facebook. The audit was undertaken to determine whether Facebook had implemented recommendations stemming from the ODPC's first audit in 2011. While the audit was largely positive in its findings, the photo tagging feature introduced by Facebook, 'tag suggestion', was deemed by the ODPC to be a step too far for compliance with European data protection rules. This tool used cutting-edge facial recognition technology to automatically suggest the matching of names and pictures, i.e. upon the Facebook user uploading a photo, 'tag suggestion' would prompt the names of the individuals appearing in such image.Consent, contract and transparency are all discussed in some detail at the link and we've discussed those topics philosophically on this blog in the past. There is also an analysis of proportionality in the linked article. Proportionality is a concept seen a lot in discussions of privacy issues involving European government institutions. It's not a big part of privacy discussions in the United States.
In Europe, governments seem to feel freer to proactively inject themselves into arrangements between private entities than do governments in the United States. The recent French decision re biometrics for time-and-attendance is a good example of the invocation of proportionality to regulate the behavior of private entities.
In the United States, negligence, liability and torts seem to fill some of the roles proportionality plays in Europe. Since the legal system in the United States generally holds that one cannot consent to another party's negligence, negligent parties are exposed to civil suits in the event that a data breach harmful to individuals occurs.
In general, it seems that the European approach is more proactive and government driven while the approach in the United States is more reactive and driven by private interests.
