Extension of Social Security - Working Paper - ESS 59

Is biometric technology in social protection programmes illegal or arbitrary? An analysis of privacy and data protection

Social protection programmes require processing significant data amounts, including often-sensitive information such as household assets, health status and physical or intellectual disabilities. Now more than ever, it is critical to address issues of privacy and data security in social protection programme design, implementation and evaluation.

This paper seeks to guide social protection practitioners as they respond to critical questions for programme design and implementation, such as: what data should be collected? How do we ensure data will be lawfully processed? What data should or should not be shared, and with whom? What data should be retained? For how long and in what manner? Who is responsible for the data a programme processes? What are data subjects’ rights?
The paper focuses on non-contributory social protection programmes, particularly those that use biometric technologies. This focus is particularly relevant when private companies and donor agencies pressure programmes to use biometric technology. Technology use increases the risks beneficiaries as well as society face and underlines the importance of adopting explicit programme regulations to prevent, protect and redress potential breaches.