Refugees are buying groceries with iris scans. What could go wrong?

More than 80% of the refugees in Jordanian camps now use iris scans to pay for their groceries. Refugee advocates say this is a huge future privacy problem.

An iris scanner.

A refugee uses their iris to access their account.

Photo: KHALIL MAZRAAWI/AFP via Getty Images

Every day, tens of thousands of refugees in the two main camps in Jordan pay for their groceries and withdraw their cash not with a card, but with a scan of their eye.

Nowhere in the United States can someone pay for groceries with an iris scan (though the Department of Homeland Security is considering collecting iris scans from U.S. immigrants, and Clear uses iris scans to verify identities for paying customers at airports) — but in the Jordanian refugee camps, biometric scanners are an everyday sight at grocery stores and ATMs. More than 80% of the 33,000-plus refugees who receive cash assistance and (most of them Syrian) and live in these camps use the United Nations' Refugee Agency iris-scanning system, which verifies identity through eye scans in order to distribute cash and food refugee assistance. Refugees can opt out of the program, but verifying identity without it is so complex that most do not.

IrisGuard, the company that provides the technology, recently shared that nearly 2.3 million refugees are enrolled through its technology. The company touts that it provides a secure way for food-assistance programs to quickly verify refugee identity "with dignity." IrisGuard and the UN argue that the system reduces the likelihood of fraud from people who "dual-register" for extra benefits, and eye-scanning also cuts down on the complex paperwork usually required to verify identity.

Refugee advocate groups see the program as a living example of "tech solutionism" — the idea that advanced technology can and should solve fundamental world problems, regardless of whether there are simpler and less tech-oriented methods available. These groups often cite the concept of proportionality: that the risks mitigated by a technology are equivalent to the harms that could be caused by its use. "Is double registration really an issue in Jordan? Do we know how bad the fraud issue is?" asked Marwa Fatafta, a Middle East and North Africa policy manager at tech human rights advocacy group Access Now. "In this case, trying to enhance the shopping experience of refugees at supermarkets isn't exactly necessary or proportionate."

"If you compare the risks related to human rights versus the benefits of these kinds of programs, we immediately recognize that the risks are far more egregious and grave. In case that information is leaked, you can always change your password, but you can't change your biometric data, you can't change your iris scan," Fatafta said.

The recent news that after U.S. withdrawal finished in Afghanistan, the Taliban managed to claim and access a U.S.-created biometric database of Afghan refugees has increased concern for advocates like Fatafta. "If you look at what's happening in Afghanistan in terms of the Taliban taking control of biometric databases, it gives you a hint at the worst-case scenario of the future of mass collection of biometric data," she said.

Because refugees usually flee governments oppressing them, those governments have a vested interest in any data that would help them identify the people who've left and where they might be. In the case of the Jordanian camps, most refugees based there have fled the ongoing conflict in Syria over the last decade. And it's not just the Syrian government who might have an interest in this information — incontrovertible biometric data on millions of refugees is valuable to countless political actors in the region, all of whom might use it for their own goals, not for the best interest of refugees and not with their consent. Oppressive governments could use data on refugees to track where they travel; to deny them entry, passports or national identity documents if they later return to the country; or even jail people considered "dissidents," like many of those who have fled Syria.

"Being a refugee is supposed to be a temporary status," Fatafta explained. "In contexts like Kenya, we've seen how the biometric registration of refugees by UNHCR has resulted in one or two generations down the line not being able to obtain a national ID in Kenya."

The United Nations and IrisGuard say that they would never willingly provide any of that data to the Jordanian government (which hosts the camps), and that blockchain technology protects the payments from fraud. But Fatafta pointed out that no data is ever perfectly secure, and iris scans are especially vulnerable because they usually remain biologically correct for a person's entire life, meaning a scan conducted on a 10-year old refugee could be just as accurate 50 years later, when perhaps the UN has moved on from this particular program and the data languishes somewhere, becoming increasingly vulnerable over time.

The UN Refugee Agency did not respond to requests for comment, and IrisGuard declined to comment. Access Now sent a series of questions about data privacy and protection to the UN and IrisGuard; the UN replied with assurances that it is doing everything necessary to secure information, while IrisGuard never replied.

Children as young as five may have their irises scanned in the Jordanian camps, which also raises questions about their future consent on the use of the data, according to Fatafta. "Consent is a fundamental pillar of data protection. As a data subject, you have the ultimate agency over your personal information and what you want to share with governments or third parties, companies, whatever," she said. Children don't necessarily have this control, given that their scans as a child remain accurate as an adult.

"It's really hard to have meaningful consent in these situations where refugees are in dire need for humanitarian aid and service delivery, basic needs like food and clothes and cash," Fatafta said. Saying "no" to the fastest and most basic system to get essential food and cash would be exceptionally difficult for anyone in a humanitarian context, raising the question of whether the consent is really authentic for refugees in this situation.

While the system has now been widely adopted, the refugees living in the camps have said in the past that iris-scanning verification also takes away some of their personal freedoms. Paying with an eye at the supermarket makes it harder for people to share money with friends, send children or other family members to buy groceries for them, pool money with others or make other financial decisions once they have cash in hand. Some also feel that they don't have much of a choice in terms of whether they opt into using the system, according to a 2016 report.

"I think we got there because governments and organizations believe that technology is the bulletproof solution to many of those problems that we face. Having millions of refugees is not an easy problem, it's a huge challenge that requires fast and convenient delivery," Fatafta said. "There are companies that are happy to provide these technologies and profit off of those situations."


It's OK to cry at work

Our comfort with crying at work has changed drastically over the past couple years. But experts said the hard part is helping workers get through the underlying mental health challenges.

Tech workers and workplace mental health experts said discussing emotions at work has become less taboo over the past couple years, but we’re still a ways away from completely normalizing the conversation — and adjusting policies accordingly.

Photo: Teerasak Ainkeaw / EyeEm via Getty Images

Everyone seems to be ugly crying on the internet these days. A new Snapchat filter makes people look like they’re breaking down on television, crying at celebratory occasions or crying when it sounds like they’re laughing. But one of the ways it's been used is weirdly cathartic: the workplace.

In one video, a creator posted a video of their co-worker merely sitting at a desk, presumably giggling or smiling, but the Snapchat tool gave them a pained look on their face. The video was captioned: “When you still have two hours left of your working day.” Another video showed someone asking their co-workers if they enjoy their job. Everyone said yes, but the filter indicated otherwise.

Keep Reading Show less
Sarah Roach

Sarah Roach is a news writer at Protocol (@sarahroach_) and contributes to Source Code. She is a recent graduate of George Washington University, where she studied journalism and mass communication and criminal justice. She previously worked for two years as editor in chief of her school's independent newspaper, The GW Hatchet.

Sponsored Content

Foursquare data story: leveraging location data for site selection

We take a closer look at points of interest and foot traffic patterns to demonstrate how location data can be leveraged to inform better site selecti­on strategies.

Imagine: You’re the leader of a real estate team at a restaurant brand looking to open a new location in Manhattan. You have two options you’re evaluating: one site in SoHo, and another site in the Flatiron neighborhood. Which do you choose?

Keep Reading Show less

Arm’s new CEO is planning the IPO it sought to avoid last year

Arm CEO Rene Haas told Protocol that Arm will be fine as a standalone company, as it focuses on efficient computing and giving customers a more finished product than a basic chip core design.

Rene Haas is taking Arm on a fresh trajectory.

Photo: Arm

The new path for Arm is beginning to come into focus.

Weeks after Nvidia’s $40 bid to acquire Arm from SoftBank collapsed, the appointment of Rene Haas to replace longtime chief executive Simon Segars has set the business on a fresh trajectory. Haas appears determined to shake up the company, with plans to lay off as much as 15% of the staff ahead of plans to take the company public once again by the end of March next year.

Keep Reading Show less
Max A. Cherney

Max A. Cherney is a senior reporter at Protocol covering the semiconductor industry. He has worked for Barron's magazine as a Technology Reporter, and its sister site MarketWatch. He is based in San Francisco.


The great onshoring: Inside the transcontinental chip race

The second annual Trade and Technology Council emphasized the centrality of semiconductor onshoring to U.S.-EU military objectives.

For chip manufacturers, free-flowing subsidies for now might come at the cost of a potential overcapacity problem in the longer term.

Illustration: Christopher T. Fong/Protocol

The prospect of global conflict permeated the room at this year’s Trade and Technology Council, which concluded in France earlier this week. The second annual gathering of U.S. and EU officials yielded a joint statement that mentioned some form of “Russia” or “Ukraine” more frequently than “technology,” “regulation,” “investment,” “security” or “competition.”

The conflict in Ukraine, having already escalated into a U.S. proxy war, seemingly convinced the EU to fall in line with the American tech policy agenda.

Keep Reading Show less
Hirsh Chitkara

Hirsh Chitkara ( @HirshChitkara) is a reporter at Protocol focused on the intersection of politics, technology and society. Before joining Protocol, he helped write a daily newsletter at Insider that covered all things Big Tech. He's based in New York and can be reached at hchitkara@protocol.com.


2- and 3-wheelers dominate oil displacement by EVs

Increasingly widespread EV adoption is starting to displace the use of oil, but there's still a lot of work to do.

More electric mopeds on the road could be an oil demand game-changer.

Photo: Humphrey Muleba/Unsplash

Electric vehicles are starting to make a serious dent in oil use.

Last year, EVs displaced roughly 1.5 million barrels per day, according to a new analysis from BloombergNEF. That is more than double the share EVs displaced in 2015. The majority of the displacement is coming from an unlikely source.

Keep Reading Show less
Lisa Martine Jenkins

Lisa Martine Jenkins is a senior reporter at Protocol covering climate. Lisa previously wrote for Morning Consult, Chemical Watch and the Associated Press. Lisa is currently based in Brooklyn, and is originally from the Bay Area. Find her on Twitter ( @l_m_j_) or reach out via email (ljenkins@protocol.com).

Latest Stories