Recent work has established the possibility of deriving auxiliary information from biometric data. For example, it has been shown that face images can be used to deduce the health, gender, age and race of a subject; further, face images have been used to link a pseudonymous profile in the Web with a true profile, thereby compromising the privacy of an individual. The objective of this work is to design and implement techniques for imparting privacy to biometric data such as face, fingerprint and iris images.
In this regard, the following tasks are being conducted: (a) methods to modify biometric data such that the modified data can be used for re-identifying an individual but cannot be used to derive auxiliary information about the subject, such as gender and age; (b) methods to generate multiple privacy-enhanced templates from the same biometric data in such a way that these templates cannot be linked using a biometric matcher; and (c) methods to decompose and store the biometric data of a subject across entities such that individual entities cannot determine the identity of the subject, but collaboration across entities is essential for eliciting the identity of the subject. Finally, methods to assess the degree of privacy of a biometric image are being developed in order to quantify the amount of private information that can be derived from it. The proposed methods are being evaluated on publicly available face, fingerprint and iris datasets in order to determine their efficacy in the context of cyberspace applications.
