Biometrics in the Context of Personal Data and Genetic Information: Legal Issues

Abstract

In modern society, methods of identification of persons on the basis of their physical, biological or behavioral characteristics are actively developing. European countries are in the process of developing a holistic doctrine on biometric control and are clarifying their position on situations where biometric data are used by individuals.From the position of information law, the paper presents a new author’s approach to the problem of processing biometric data and genetic information. The division of biometrics into “trace” and “non-trace” is losing its meaning. A new classification of biometrics into digital and analog is proposed.Biometric access control should not become a routine phenomenon in the framework of the organization of the company and without any reason to replace other existing types of control. The interested person can be entrusted with the storage of their own biometric data to reduce the risks of leakage and the consequences of exposure to them. Biometric data must be stored on the company’s servers in encrypted form, which makes it impossible to use them without the consent of the person concerned.Biometric data should be protected by a special legal regime. The analysis of the European and Russian legislation made it possible to draw the following conclusions: biometric data is a special type of personal data, a special legal regime and regulation should be established; digital biometrics needs special legal regulation, since it is the most vulnerable type; genetic information does not fully correspond to the concept of personal data, as it can relate to an unlimited number of persons. This determines the need to develop a special law “on genetic information”.