Biometric payment technology is a slippery slope to becoming one with our digital footprints, raising concerns about data privacy and customer surveillance
This week, Amazon announced that its palm-scanning software—designed to streamline “everyday activities like paying at a store, presenting a loyalty card, entering a location like a stadium, or badging into work”—is expanding to 65 Whole Foods locations across the state of California. It’s the most significant rollout of this technology yet, leaving data privacy advocates concerned.
Whole Foods shoppers can register for Amazon One on-site via kiosk; the process is said to take less than a minute, requiring just a credit card, a phone number, and a scan of your “unique palm signature,” which is thought to be more secure than other forms of biometric identification. You can’t recognize a person’s palm like you could their face or retina, for instance, and a handprint is much more difficult to pick up and spoof than that of a single finger. Amazon assures potential users that their data is in safe hands, should they choose to enroll: “The Amazon One device is protected by multiple security controls and palm images are never stored… Rather, the images are encrypted and sent to a highly secure area we custom-built in the cloud where we create your palm signature.”
“It’s necessary to think about the implications of becoming inseparable from our digital footprints—to consider the consequences of having them exist as part of our bodies, scannable and trackable and, ultimately, transmittable.”
Of course, Amazon hasn’t had the best track record in this particular realm. Just last month, Politico reported that the tech giant handed Ring video doorbell footage over to the cops—without a warrant—at least 11 times this year. “By the start of 2021, Amazon had struck more than 2,000 partnerships with police and fire departments across the US,” reveals a piece on the incident from Wired, raising serious questions about where the company’s priorities lie, between the poles of complete customer privacy and total customer surveillance. “In the UK, [the Amazon-owned] Ring has partnered with police forces to give cameras away to local residents.”
There are countless other causes for alarm: high-ranking Amazon whistleblowers, warning that the company’s lack of regard for security will expose users to “potential breaches, theft, and exploitation;” toxic workplace culture where delivery drivers and warehouse employees are tracked via handheld scanners, surveilled constantly by camera, and fired swiftly if they fail to meet impossibly high and fast standards; its recent acquisition of iRobot, the maker of Roomba robot vacuums, which has reportedly created an Alexa-esque device that can also “map out floor plans, listen to commands to move between rooms, and even [recognize] faces.”
Amazon One is the latest development in the company’s bid to become the ‘Everything Store,’ amassing as much highly-lucrative and highly-personal data as possible in the process. Tech policy analyst Frederike Kaltheuner suggests that this is the next logical step in “filling the gaps” of the Amazon empire: “There is a missing link in the kind of data they have if I go to a shop.” It’s necessary to think about the implications of becoming inseparable from our digital footprints—to consider the consequences of having them exist as part of our bodies, scannable and trackable and, ultimately, transmittable to grocery stores, or to our workplaces, or even to law enforcement.