11:47 April 19, 2013 Into (AGI) – Rome, April 19 – The Ombudsman for privacy has authorized the launch of two innovative projects that allow some banks to identify their customers through biometric analysis of the signature of the digital players, but only after the adoption of appropriate safeguards to protect of privacy. The new procedure – reads the newsletter – requires the user to not sign more ‘on an ordinary sheet of paper, but on an electronic tablet “grafometrico” able to acquire some biometric parameters of the person as the rhythm, the speed’, the pressure exerted during the movement of signatu re. The recorded data are then compared with those already ‘previously stored in order to allow authentication of the client computer which has affixed. During the preliminary investigation on the two projects submitted for a preliminary verification, the Guarantor has acknowledged the actual usefulness’ of the new instrument, also in the light of the specific regulations of the banking sector, which requires, for example, the identification of reliable and rigorous ‘users, in the interests of sound and prudent risk management. The Authority ‘found no significant profiles criticality’ in the first draft, which was presented by a single financial institution. They are, in fact, provide adequate security measures and procedures to ensure the proper management of data processed. The Guarantor has, however, ‘remarked that, given the particular sensitivity of the information collected (biometric data that could also allow, among other things, t o go back to any user who signs the disease), they must be used exclusively for perform user identification. However, were prescribed a number of additions per second biometric signature project, proposed by four different banks belonging to the same group and by a company ‘that provides technology services to businesses and the public administration, in order to make it comply with privacy regulations. The Ombudsman found that, contrary to what is claimed in the documentation, in this case the banks and the companies’ technology services share ownership ‘of data management: they will then jointly define how’ of treatment for parts of their competence and provide customers with adequate information about. The Authority ‘then pointed out that you can not’ impose, directly or indirectly, to the customers to adhere to the new procedure of biometric analysis of the signature. Users, in fact, must be able to express their consent to the process ing of data in free form, with the guarantee of being able to take advantage of alternative procedures for the subscription of bank documents. The Authority ‘has finally revealed that the biometric data so’ collected, unless it is provided for by specific industry regulations, may be kept only for the time strictly necessary to provide the service or to respond to any dispute referred to also in the judicial.
No comments:
Post a Comment