Privacy has had a rare victory in one of Australia's most successful public biometric roll outs by health insurer Australian Health Manangement, which has registered more than 13,000 members to its voice verification platform since last December.
While biometric advocates claim the technology improves security through voice and face recognition, fingerprint identification, and advanced techniques such as deep-palm reading and retinal scanning, the security conscious argue stolen biometric data is irreplaceable.
As a proponent of such security concerns, NSW Council of Civil Liberties president Cameron Murphy has called for all biometric suppliers and users to join the industry-led Biometric Institute privacy act.
According to Cameron, the industry-negotiated code introduced in September 2006 has been virtually ignored as only four of the institute's 69 users have signed on.
"This is appalling and an absolute disgrace; legislation is playing catch-up with biometric technology and the vendors are flying ahead [with biometric development] without any concern for privacy implications," Murphy said.
The code, negoitated between industry and regulators, imposes minimum privacy standards for the deployment of biometrics to give users more confidence in the intrusive technology.
Cameron is furious about the industry's lax attitude to the privacy standards because federal regulation, including the Privacy Act, does not facilitate for biometric technology already in large-scale adoption.
The council has received a twenty-one-fold increase in privacy complaints since 1991, with an eleven-fold rise in complaints centred on biometrics. However, it is historically uncommon for law-suits concerning breaches of biometric privacy to be successful, due in part to delays of up to five years for cases to progress through the Privacy Office.
But privacy was on the top of Australian Health Management operations manager Melinda Charlesworth's agenda when she overlaid the company's Interactive Voice Response (IVR) system with voice recognition.
The system was deployed last December to boost the companies' call centre user authentication process, which recieves some 420,000 calls each year through its main telephone number, and to reduce fraudlent access to customer data.
"The potential threat of an unauthorised person passing the [100-point] security checks to access customer records is much higher in our industry because its often a close relation like an ex-spouse who knows the victim's name, address, and date of birth," Charlesworth said, noting that government agencies such as Centrelink are equally exposed.
AHM became one of the few biometric players to sign on to the privacy code and is currently mid-way through its gruelling audit process.
However, Charlesworth said the system's unprecedented adoption rate is testament to the importance of privacy.
"We haven't taken this lightly; our agents fully inform the customer about the technology before they opt-in, and they walk them through the [voice printing] process," she said. As part of the project, AHM installed a fully automated speech-overlaid IVR system for users who do not use the biometric system.
The VeCommerce VeSecure solution has wiped about 30 seconds off the average five minute phone call, which is typically wasted on agent-intensive customer authentication, and is registering an astounding 125 new members per day.