Biometric technology is on the rise. Its applications are wide-ranging: facial scanning to replace passwords; iris recognition to replace debit cards; fingerprints to replace passports. Value is increasingly tied to faces, and faces have increasing value. Boaz Levin and Vera Tollmann, theorists and cofounders of the Research Center For Proxy Politics, explore the “token value” of identity resulting from such software and hardware, where one’s “digital identity and physical body become closely entangled” and one’s virtual proxy enters the political realm. Can the one-to-one relationship between self and proxy be skewed through forms of obfuscation? What will happen when the face on the screen looks back?
Without our noticing, cell phones have become Janus-faced machines. For an 11-year-old school kid today, the optics of the front-facing camera are just as important as those of the back camera when deciding what new phone to buy. Producing self-images, the new social currency, is key. Selfies have also become keys in a more literal sense: besides processing text and voice and monitoring movement, Apple’s latest phone, for one, has a three-dimensional face-scan feature, which claims to collect more than 30,000 data points to produce a “true” digital copy of a user’s face. Previously, security systems based on two-dimensional facial recognition software, piloted by companies like Lenovo and more recently Samsung, could be easily fooled by static images of the owner’s face.1 Yet with every new iteration of such technology, digital copies of our faces are gaining volume, depth, and higher definition. The explicit aim is the creation of immediate security, and with it, trust: no more passwords, no more middlemen or secret patterns, just tailored and “smart” access to your device at the blink of an eye, on your iPhone. The idealized vision behind biometric identification is a security system that could “recognize each authorized individual directly without the use of proxies such as keys, identification cards and passwords. Such proxies merely verify that the person requesting access has the needed device or password in their possession and does not guarantee that he or she is actually the authorized person.”2
To distract from the various potential surveillance functions of facial identification—a follow-up to touch-based identification—Apple added an “Animoji” feature that uses the face-scanning features of the iPhone X to create custom three-dimensional emojis based on the user’s facial expressions. In the process, the phone captures and saves a mathematical model of the face, a proxy double.3 Considering that the individually animated emoji—the user—is a source for a dataset sample, the phone is no longer just a device with cameras on two sides, but a two-faced port of entry and exit, a Janus head.
A more extreme example of a so-called consumer convenience product is Eyecloud, a project by the United Nations High Commissioner for Refugees (UNHCR), Cairo Amman Bank, and biometric technology company IrisGuard. The project was announced in January 2016, with the stated aim of providing refugees with financial assistance through “iris-enabled service.” As part of the program, a biometric security system that scanned users’ eyes was installed in over 50 of Cairo Amman Bank’s ATMs in Jordan, particularly in areas populated by Syrian refugees. The project promised to expedite the identification process for refugees receiving financial aid, eliminating long waiting periods and the necessity of queuing outside aid agencies, “while lowering overhead costs and boosting accountability.”4 The Eyecloud system thus makes use of bio-data gathered during registration with the UNHCR, allowing Cairo Amman Bank’s ATMs to access the organization’s registration database and verify the refugee’s credentials, without the bank having to re-verify identities in the process of distributing aid.5 According to IrisGuard, over 1.6 million Syrian refugees in the region have been biometrically registered and can thus gain access to the system.6 This form of identification clearly has its share of benefits, and has been said to allow for a greater individualization of aid distribution, but it also raises fundamental questions about how biometric identification is redefining borders and subjects.7
Despite the perceived benefits of individualized biometric recognition, identification itself can often be deadly. For refugees, getting the basic information upon which to premise their identification can be risky or impossible—obtaining papers in their countries of origin, from which they are fleeing, is often out of the question. Others lose their papers or are robbed during their long journeys, and some choose to destroy them, for fear that, if identified by the European security system, they would be sent back or be forced to remain in the European country they first arrived at, in accordance with the Dublin regulations.8 As Frances Stonor Saunders has written, “in Algeria, [refugees who destroy their documents] are called harraga, Arabic for ‘those who burn.’ And they don’t only burn their documents: many burn their fingertips on hobs or with lighters or acid, or mutilate them with razors, to avoid biometric registration, capture and the prospect of expulsion.”9 This presents a twist on the Latin etymological origins of the “digital” in digitus, finger. The fingerprint, first used for identification in the nineteenth century, long predates the technology at the basis of iris recognition, which was introduced in 1994, and cannot be performed without a computer. Eyes are more accurate than fingers as markers of identification. Their mutilation is also deadlier and so is deemed less likely.
This process of biometric identification exemplifies the rise of what political theorist Louise Amoore calls “biometric borders.” These are interfaces between biometric technologies and the databases storing the information they collect, wherein “the body itself is inscribed with, and demarcates, a continual crossing of multiple encoded borders.”10 Borders, in other words, become mobile and differential, with the solid wall often—though certainly not always—replaced by an intricate logistical apparatus. A series of sensors, moving agents, protocols, and data centers are “deployed to divide bodies at international boundaries, airports, railway stations, on subways or city streets, in the office or the neighbourhood.”11 Borders are enforced differently depending community, which are ranked on a scale of “risk levels.” Amoore writes, “identity is assumed to be anchored as a source of prediction and prevention.”12
Over the past two years a plethora of pilot biometric projects run by UN programs and NGOs, in collaboration with start-up companies in cities like London and New York, have been tested on refugees. As Hannah Arendt forcefully claimed, refugees, as stateless persons, are the most vulnerable of all, stripped of their human rights—rights that are revealed to be contingent upon citizenship.13 Needless to say, such populations have no recourse to consumer protection frameworks, nor are they in a position to review the “terms and conditions” of aid distribution programs. In May 2017, the UN World Food Program (WFP) announced a new blockchain-based initiative taking these capabilities one step further, into the sphere of decentralized identity-based security technologies.14 This provides a further testing ground for experimental, decentralized authentication and payment systems.
Money has long been connected to faces. Typically, the likeness of a sovereign or a deity has been stamped upon it—Julius Caesar, Mao Zedong, or Benjamin Franklin. As anthropologist Keith Hart has noted, the two sides of each coin signify different types of concrete power:
On one side is “heads”—the symbol of the political authority which minted the coin; on the other side is “tails”—the precise specification of the amount the coin is worth as payment in exchange. One side reminds us that states underwrite currencies and the money is originally a relation between persons in society, a token perhaps. The other reveals the coin as a thing, capable of entering into definite relations with other things.15
As individual faces rise in data value, will the historical portraits of sovereigns stamped on the head of the coin—the side representing state power—be rendered obsolete? Biometrics start-ups, such as the New York-based HYPR, which professes to combine “the convenience of biometrics with the blockchain to enable truly decentralized authentication,” are attempting to enable secure transactions through forms of biometric identification in which a central, state-like authority is all but superfluous.16 And yet it’s easy to imagine such technologies being implemented for payment systems, reliant upon decentralized blockchain-based authentication, but working at the service of centralized banks. State authority may well remain, hidden behind a decentralized security system, while the portrait of the sovereign is pawned for the user’s biometric features.
In countries such as Sweden, China, and India, payments are increasingly processed via apps connected to bank accounts—not yet using biometric verification but supposedly safe mobile bank identification based on initial verification of documents. These systems keep the transfers within the respective country (meaning within a trusted payment infrastructure and a single currency). In this sense, these apps operate more like online banking than blockchain-based apps like HYPR. App use in these regions has become common for different reasons. In China, the transition from cash to mobile payment is mostly a reaction to widespread fraud; people trust apps (WeChat wallet, Alipay, Swish) more than they trust a 100-RMB note featuring a young Mao Zedong, because these notes are often counterfeit.17 Convenience also plays a part, since the phone is always in one’s pocket, and with mobile payments no pin code or signature is needed for identification. The only risk is running out of battery. In India, on the other hand, the move to app-based payments was encouraged aggressively from above, as the government announced on short notice that 500 and 1,000-rupee notes would no longer be legal tender. This decree removed 86 percent of currency from circulation, created a cash shortage, and forced citizens to quickly adopt other transaction methods. The stated goal was to combat counterfeit cash and unaccounted-for money while nudging a cash-dominated society in a digital direction.18 In Sweden, mobile payment systems are mostly related to a desire for convenience and an early-adopter mindset, which made way for widespread cashless payments. These varied reasons suggest that a further spread of app-based payments is imminent. But with all mobile payment systems comes the question of authentication and security—driving advancements in biometrics.
Technologies that collect and record biometric data afford decentralization and, because they are encrypted, a certain notion of anonymity, but they also inscribe a token value upon identity. Faces become keys, bodies morph and stretch, and one’s digital identity and physical body become closely entangled. During these processes, authority—decentralized or not—seems to be rendered increasingly opaque, supervising the information technology from a remote spot and intervening in case of system alerts. In a recent lecture, science historian Lorraine Daston asked whether the value of transparency has mutated before our eyes.19 Whereas transparency used to be a demand put forth by enlightened citizens to their governments, today it is secretive governments, powered by new technologies, that demand transparency—biometric legibility—of their citizens. Citizens are turned into accomplices in their own surveillance.
The perfect proxy
This demand for transparency—to unmask oneself, to show one’s face to the camera—triggers a necessity for subjects to invent imperfect or non-literal proxies. UN organizations and tech companies attempt to develop perfectly accurate proxies, where you—your body, eye, voice, or heartbeat—are exactly copied, their goal being to create proxies that are less and less exchangeable, forgeable, or losable. According to biotech entrepreneur Andre D’Souza:
What we’re hoping is that it means the end of things like passwords and pin numbers. But it could even replace things like car keys, house keys, credit cards, and boarding passes. These are all different proxies for identity. We think that a wearable device that’s paired with your biometric can be a much easier, more secure form of user identification.20
Users are currently urged to develop several passwords to access different digital services in the interest of privacy. But how can one multiply a face, once it has become a password or a token for access, be it access to information, money, or a nation-state?
The Roman god Janus presided over everything liminal: entrance and exit, new (and old) year, the beginnings and endings of conflict, doorways, metamorphoses. He was the god of ambivalence and ambiguity, porter to the heavens. Uniquely, Janus lacks a Greek counterpart. This, he explains to Caesar Germanicus, is because the Greeks referred to him as Chaos—his confusing doubled figure reflects his ancient origins in pandemonium.21 This god of borders was bereft of weapons; his only arms, he said, were his set of keys. Today, Janus might be the god of doubles and relays, a deity presiding over proxies, embodying their ambivalent relation to power and subversion, chaos and order.
Following Gilles Deleuze, perhaps subjects will one day manage “to escape the face, to dismantle the face and facializations, to become imperceptible, to become clandestine […] by strange true becomings that get past the wall and get out of the black holes, that make faciality traits themselves finally elude the organization of the face—freckles dashing toward the horizon, hair carried off by the wind.22 If this is indeed the case, people would need to learn to see with the “eyes” of the computer, to see faces not as faces but rather as keys. Wearing a “bunker-face”—a bored and empty face, inhuman, with “inanimate white surfaces” and “black holes”—might mark the beginning of a process of de-facializing.23
Despite the hopes of governments and companies, there is no such thing as an absolutely secure form of identification by means of technology. Biometric identification will always be a proxy. As David Lyon writes: “it works with a contested definition of ‘body,’ one in which body and information may be conceived as separate entities and where abstracted data act as proxy for other kinds of (inadmissible) definition such as the stories that people […] tell.”24 With biometrics, abstracted data is taken as an indisputable key, as a one-to-one representation, identical with the person it represents. Perhaps the first step in upending this relation would be to recognize the limits of biometric technologies as abstractions: to face these faces as the proxies they are.
This essay was written for the transmediale journal – face value edition. You can buy a print copy of the journal here.
- 1. Nguyen Minh Duc and Bui Quang Minh, “Your face is NOT your password. Face Authentication ByPassing Lenovo—Asus—Toshiba” (2009), http://citeseerx.ist.psu.edu.
- 2. Thomas Glavinich, “Biometrics and Access Control,” Electrical Contractor Mag (December 2006), http://www.ecmag.com/section/miscellaneous/biometrics-and-access-control.
- 3. Etymologically, a proxy is someone responsible for representing someone else in a court of law, or more generally, “one appointed or authorized to act for another.” Today, the word proxy is frequently used to designate a computer server acting as an intermediary for requests from clients. These servers afford indirect connections to a network, thus providing users with anonymity. However, in this intermediary capacity proxy servers can also be set up for the opposite task: to monitor traffic. Proxies are fundamentally ambivalent, Janus-faced; they can be seen as a symptom of crisis in current representational political structures, as well as a potential counter-strategy that aims to critically engage and challenge existing mechanisms of security and control.
- 4. Justin Lee, “UNHCR, IrisGuard launch EyeCloud to assist refugees with biometric banking,” Biometric Update (January 20, 2016), http://www.biometricupdate.com/201601/unhcr-irisguard-launch-eyecloud-to-assist-refugees-with-biometric-banking. See also: Christina zur Nedden, “In Jordanien bezahlen Geflüchtete jetzt mithilfe der Blockchain,” Wired (June 7, 2017), https://www.wired.de/collection/tech/blockchain-fluechtlinge-gefluechtete-camp-azraq-jodanien-wfp-iris-scan.
- 5. Ibid.
- 6. Andy Favell, “How Technology Is Helping Deliver Aid to Syrian Refugees in the Middle East,” Computer Weekly (October 2015), http://www.computerweekly.com/feature/How-technology-is-helping-deliver-aid-to-Syrian-refugees-in-the-Middle-East.
- 7. Hugo Slim, “Eye Scan Therefore I Am: The Individualization of Humanitarian Aid,” ODI HPN (May 11, 2015), https://odihpn.org/blog/eye-scan-therefore-i-am-the-individualization-of-humanitarian-aid/.
- 8. The Dublin regulations first came into force on September 1, 1997. They have since been amended twice, most recently in 2013. For the text of the Dublin Convention (1997) see: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32013R0604.
- 9. Frances Stonor Saunders, “Where on Earth Are You?” London Review of Books (March 3, 2016). See also the claim against digital deportation by Brigitta Kuster and Vassilis S. Tsianos, “Erase them! Eurodac and Digital Deportability,” in flee erase territorialize, eiPCP (February 2013), and Marietta Kesting, “Erase Our (Genetic) Fingerprints?” in Visualität und Abstraktion. Figur–Grund–Verhältnisse virtu-ästhetisch betrachtet, ed. Hanne Loreck (Hamburg: Material Verlag, 2017).
- 10. Louise Amoore, “Biometric borders: Governing mobilities in the war on terror,” Political Geography 25 (2006): 336–351.
- 11. Ibid. See also: Peter Nyers, “Moving Borders,” Radical Philosophy blog (July 2012), https://www.radicalphilosophy.com/commentary/moving-borders.
- 12. Ibid.
- 13. Hannah Arendt, The Origins of Totalitarianism (New York: Harcourt Books, 1994), 302.
- 14. Umberto Bacchi, “U.N. glimpses into blockchain future with eye scan payments for refugees,” Reuters (June 21, 2017), https://www.reuters.com/article/us-un-refugees-blockchain/u-n-glimpses-into-blockchain-future-with-eye-scan-payments-for-refugees-idUSKBN19C0BB.
- 15. Keith Hart, “Head or Tails? Two Sides of the Coin,” Man, New Series, vol. 21, no. 4 (December 1986): 637–656, 638.
- 16. “Decentralized Authentication,” HYPR (February 23, 2017), https://www.hypr.com/decentralized-authentication/. HYPR’s slogan is “Trust everyone.”
- 17. Paul Mozur, “In Rural China, Cash Is Rapidly Becoming Obsolete,” The New York Times (July 16, 2017), https://www.nytimes.com/2017/07/16/business/china-cash-smartphone-payments.html.
- 18. Anirban Nag and Vrishti Beniwal, “India’s Scramble to Switch 23 Billion Banknotes: QuickTake Q&A,” Bloomberg (November 15, 2016), https://www.bloomberg.com/news/articles/2016-11-15/india-s-scramble-to-switch-23-billion-banknotes-quicktake-q-a.
- 19. Peter Galison, “Secrecy, Surveillance, and the Self,” Mosse Lectures, YouTube (December 3, 2015), https://www.youtube.com/watch?v=aNjLBUuX3rs.
- 20. Carrie Yury, “Your Heartbeat May Soon Be Your Only Password,” Wired (June 2014), https://www.wired.com/insights/2014/06/heartbeat-may-soon-password.
- 21. Ovid, Fasti, Book 1, trans. James George Frazer (Harvard University Press, 1931).
- 22. Gilles Deleuze and Félix Guattari, A Thousand Plateaus: Capitalism and Schizophrenia (University of Minnesota Press, 1987), 171.
- 23. Ibid.
- 24. David Lyon, Identifying Citizens: ID Cards as Surveillance (Cambridge: Polity Press, 2009), 126.