ABSTRACT
The principles of purpose specification, confidentiality, proportionality, and subject consent are the main factors in the review of biometric technologies by the Data Protection Inspector in European Union member states. First, the purpose of data collection needs to be defined, transparent, and legitimate. Next, an evaluation of the proportionality for the collected data and the data processing should be made. The purpose principle specifies that proper protection is required against unauthorized use of biometric data for purposes except those the data was collected
Abstract 253 9.1 Introduction 254 9.2 State of the Art 257 9.3 Main Aspects of Biometrics Technology 259 9.4 Analysis 262 9.5 Legal Aspects in the Use of Biometrics in Norway 263
9.5.1 Case Study 265 9.5.1.1 REMA 1000 266 9.5.1.2 Bunnpris 267 9.5.1.3 Fitness24Seven 269
9.6 Ethical Issues 272 9.7 Conclusion 276 References 276
for. Confidentiality provides a minimum of protection by adequate tests that prove that the biometric data is accessible only by authorized individuals. Proportionality requires biometric data to be nonexcessive, relevant, and restricted to the requirements of the data collection’s purposes. However, there is uncertainty about how the purpose and the proportionality principle should be applied to biometric data.
