AimBrain whitepaper examines impact of GDPR on companies using biometrics
With GDPR set to come into effect in May of 2018, AimBrain and strategic law firm JAG Shaw Baker have published a whitepaper examining the responsibilities of organizations collecting, storing, and making use of biometric data.
“GDPR & Beyond: Collaboration, Consent, Capture and Care in the World of Biometric Data” considers the implications of GDPR for companies processing biometric data, the role of consent for active and passive biometric data capture, and the future of biometric data beyond GDPR.
Key considerations for companies include the obligation to appoint an internal Data Protection Officer, understanding the definitive roles of data processor and data controller and how the roles differ according to partner relationships, full comprehension of anonymization and pseudonymization, demands on organizations to be transparent to consumers, and the challenge of communicating effectively about theses considerations with regulators and consumers.
The whitepaper also includes a 17-item checklist of best practices for organizations working with biometric data handlers and third parties using customers’ biometric data.
“Whilst the details of GDPR are currently ambiguous in places, we believe that regulation will not inhibit the use of this highly sensitive data, but will provide the impetus required for forwardthinking, digital-first organisations to consider a longer-term cloud strategy, particularly when considering the rapid rate of adoption of biometrics as authentication as instigated by the end user,” the authors write.
As previously reported, AimBrain launched its biometric authentication app to the BlackBerry Marketplace in November.