Protocol | Policy

Refugees are buying groceries with iris scans. What could go wrong?

More than 80% of the refugees in Jordanian camps now use iris scans to pay for their groceries. Refugee advocates say this is a huge future privacy problem.

An iris scanner.

A refugee uses their iris to access their account.

Photo: KHALIL MAZRAAWI/AFP via Getty Images

Every day, tens of thousands of refugees in the two main camps in Jordan pay for their groceries and withdraw their cash not with a card, but with a scan of their eye.

Nowhere in the United States can someone pay for groceries with an iris scan (though the Department of Homeland Security is considering collecting iris scans from U.S. immigrants, and Clear uses iris scans to verify identities for paying customers at airports) — but in the Jordanian refugee camps, biometric scanners are an everyday sight at grocery stores and ATMs. More than 80% of the 33,000-plus refugees who receive cash assistance and (most of them Syrian) and live in these camps use the United Nations' Refugee Agency iris-scanning system, which verifies identity through eye scans in order to distribute cash and food refugee assistance. Refugees can opt out of the program, but verifying identity without it is so complex that most do not.

IrisGuard, the company that provides the technology, recently shared that nearly 2.3 million refugees are enrolled through its technology. The company touts that it provides a secure way for food-assistance programs to quickly verify refugee identity "with dignity." IrisGuard and the UN argue that the system reduces the likelihood of fraud from people who "dual-register" for extra benefits, and eye-scanning also cuts down on the complex paperwork usually required to verify identity.

Refugee advocate groups see the program as a living example of "tech solutionism" — the idea that advanced technology can and should solve fundamental world problems, regardless of whether there are simpler and less tech-oriented methods available. These groups often cite the concept of proportionality: that the risks mitigated by a technology are equivalent to the harms that could be caused by its use. "Is double registration really an issue in Jordan? Do we know how bad the fraud issue is?" asked Marwa Fatafta, a Middle East and North Africa policy manager at tech human rights advocacy group Access Now. "In this case, trying to enhance the shopping experience of refugees at supermarkets isn't exactly necessary or proportionate."

"If you compare the risks related to human rights versus the benefits of these kinds of programs, we immediately recognize that the risks are far more egregious and grave. In case that information is leaked, you can always change your password, but you can't change your biometric data, you can't change your iris scan," Fatafta said.

The recent news that after U.S. withdrawal finished in Afghanistan, the Taliban managed to claim and access a U.S.-created biometric database of Afghan refugees has increased concern for advocates like Fatafta. "If you look at what's happening in Afghanistan in terms of the Taliban taking control of biometric databases, it gives you a hint at the worst-case scenario of the future of mass collection of biometric data," she said.

Because refugees usually flee governments oppressing them, those governments have a vested interest in any data that would help them identify the people who've left and where they might be. In the case of the Jordanian camps, most refugees based there have fled the ongoing conflict in Syria over the last decade. And it's not just the Syrian government who might have an interest in this information — incontrovertible biometric data on millions of refugees is valuable to countless political actors in the region, all of whom might use it for their own goals, not for the best interest of refugees and not with their consent. Oppressive governments could use data on refugees to track where they travel; to deny them entry, passports or national identity documents if they later return to the country; or even jail people considered "dissidents," like many of those who have fled Syria.

"Being a refugee is supposed to be a temporary status," Fatafta explained. "In contexts like Kenya, we've seen how the biometric registration of refugees by UNHCR has resulted in one or two generations down the line not being able to obtain a national ID in Kenya."

The United Nations and IrisGuard say that they would never willingly provide any of that data to the Jordanian government (which hosts the camps), and that blockchain technology protects the payments from fraud. But Fatafta pointed out that no data is ever perfectly secure, and iris scans are especially vulnerable because they usually remain biologically correct for a person's entire life, meaning a scan conducted on a 10-year old refugee could be just as accurate 50 years later, when perhaps the UN has moved on from this particular program and the data languishes somewhere, becoming increasingly vulnerable over time.

The UN Refugee Agency did not respond to requests for comment, and IrisGuard declined to comment. Access Now sent a series of questions about data privacy and protection to the UN and IrisGuard; the UN replied with assurances that it is doing everything necessary to secure information, while IrisGuard never replied.

Children as young as five may have their irises scanned in the Jordanian camps, which also raises questions about their future consent on the use of the data, according to Fatafta. "Consent is a fundamental pillar of data protection. As a data subject, you have the ultimate agency over your personal information and what you want to share with governments or third parties, companies, whatever," she said. Children don't necessarily have this control, given that their scans as a child remain accurate as an adult.

"It's really hard to have meaningful consent in these situations where refugees are in dire need for humanitarian aid and service delivery, basic needs like food and clothes and cash," Fatafta said. Saying "no" to the fastest and most basic system to get essential food and cash would be exceptionally difficult for anyone in a humanitarian context, raising the question of whether the consent is really authentic for refugees in this situation.

While the system has now been widely adopted, the refugees living in the camps have said in the past that iris-scanning verification also takes away some of their personal freedoms. Paying with an eye at the supermarket makes it harder for people to share money with friends, send children or other family members to buy groceries for them, pool money with others or make other financial decisions once they have cash in hand. Some also feel that they don't have much of a choice in terms of whether they opt into using the system, according to a 2016 report.

"I think we got there because governments and organizations believe that technology is the bulletproof solution to many of those problems that we face. Having millions of refugees is not an easy problem, it's a huge challenge that requires fast and convenient delivery," Fatafta said. "There are companies that are happy to provide these technologies and profit off of those situations."

Protocol | Workplace

The whiteboard wars: Miro and Figma want to make meetings better

Miro and Figma separately launched features on Tuesday aimed at improving collaboration on their platforms.

Whiteboard rivals Miro and Figma each released collaboration improvements.

Logos: Figma and Miro

We expect a lot from our productivity tools these days. You can't just stroll over to your team members' desks and show them what you're working on anymore. Most of those interactions need to happen online, and it's even better if the work and the communication can happen in one place. Miro and Figma — competitors in the collaborative whiteboard space — understand how critical remote collaboration is, and are both working to up their meeting game.

This week, both platforms announced features aimed at improving the collaboration experience, each vying to be the home base for teams to work and hang out together. Figma announced updates to its multiplayer whiteboard FigJam, and Miro announced a new set of tools that it's calling Miro Smart Meetings. Figma's goal is to make FigJam more customizable and accessible for everyone; Miro wants to be the best place for content-centered, professional meetings. They both want to be the go-to hub for teams looking to get stuff done.

Keep Reading Show less
Lizzy Lawrence

Lizzy Lawrence ( @LizzyLaw_) is a reporter at Protocol, covering tools and productivity in the workplace. She's a recent graduate of the University of Michigan, where she studied sociology and international studies. She served as editor in chief of The Michigan Daily, her school's independent newspaper. She's based in D.C., and can be reached at llawrence@protocol.com.

The way we work has fundamentally changed. COVID-19 upended business dealings and office work processes, putting into hyperdrive a move towards digital collaboration platforms that allow teams to streamline processes and communicate from anywhere. According to the International Data Corporation, the revenue for worldwide collaboration applications increased 32.9 percent from 2019 to 2020, reaching $22.6 billion; it's expected to become a $50.7 billion industry by 2025.

"While consumers and early adopter businesses had widely embraced collaborative applications prior to the pandemic, the market saw five years' worth of new users in the first six months of 2020," said Wayne Kurtzman, research director of social and collaboration at IDC. "This has cemented collaboration, at least to some extent, for every business, large and small."

Keep Reading Show less
Kate Silver

Kate Silver is an award-winning reporter and editor with 15-plus years of journalism experience. Based in Chicago, she specializes in feature and business reporting. Kate's reporting has appeared in the Washington Post, The Chicago Tribune, The Atlantic's CityLab, Atlas Obscura, The Telegraph and many other outlets.

Protocol | Workplace

Hybrid work is here to stay. Here’s how to do it better.

We've recovered from the COVID-19 digital collaboration whiplash. Now we must build a more intentional model for hybrid work.

This is a call to managers to understand the mundane or unwanted projects their employees face, and what work excites them.

Photo: Adobe

Ashley Still is Adobe's Senior Vice President of Digital Media – Marketing, Strategy & Global Partnerships.

When COVID-19 hit, we were forced into a fully digital mode of business operation. Overnight, we adopted available remote work tools — even if imperfect, they were the best tools for the job.

Keep Reading Show less
Ashley Still
As Senior Vice President, Digital Media – Marketing, Strategy & Global Partnerships, Ashley Still leads product marketing and business development for Adobe's flagship Creative Cloud and Document Cloud offerings. This includes iconic software brands such as Photoshop, Lightroom, Illustrator, InDesign and Acrobat. Her expanded remit now includes Adobe's strategic partnership work with technology companies globally, including Apple, Microsoft and Google; and driving Adobe's fast-growing mobile app business. Her team is also responsible for the demand generation marketing campaigns that makes Adobe the market-leader, across creative and document productivity segments. Previously she was Vice President and General Manager, Adobe Creative Cloud for Enterprise. Here her team delivered an integrated content creation, collaboration and publishing solution that securely enables brands to create exceptional design and content. Prior to this, Ashley was Senior Director of Product & Marketing for Adobe Primetime, an Internet television platform used by Comcast, Turner, NBC Sports and other global media companies to deliver TV content and dynamic advertising to any Internet device. Under Ashley's leadership, Adobe Primetime won an Emmy Award for the Adobe Pass TV-Everywhere service. Ashley joined Adobe in 2004 following her internship with the company and held several product management positions for Adobe Photoshop. Still earned her Bachelor of Arts degree from Yale University and her Masters degree from Stanford Graduate School of Business.
Protocol | Workplace

Meet the productivity app influencers

Within the realm of productivity influencing, there is a somewhat surprising sect: Creators who center their content around a specific productivity app.

People are making content and building courses based off of their favorite productivity apps.

Photos: Courtesy

This is the creators' internet. The rest of us are just living in it. We're accustomed to the scores of comedy TikTokers, beauty YouTubers and lifestyle Instagram influencers gracing our feeds. A significant portion of these creators are productivity gurus, advising their followers on how they organize their lives.

Within the realm of productivity influencing, there's a surprising sect: Creators who center their content around a specific productivity app. They're a powerful part of these apps' ecosystems, drawing users to the platform and offering helpful tips and tricks. Notion in particular has a huge influencer family, with #notion gaining millions of views on TikTok.

Keep Reading Show less
Lizzy Lawrence

Lizzy Lawrence ( @LizzyLaw_) is a reporter at Protocol, covering tools and productivity in the workplace. She's a recent graduate of the University of Michigan, where she studied sociology and international studies. She served as editor in chief of The Michigan Daily, her school's independent newspaper. She's based in D.C., and can be reached at llawrence@protocol.com.

Payments Infrastructure

Power Index: Payments Infrastructure

A data-driven ranking of the most powerful players in tech — and the challengers best positioned to disrupt them.

Welcome back to the Protocol Power Index, a ranking of the most powerful companies by tech industry subsector, as well as the companies best positioned to challenge them. This time: payments infrastructure.

The payments stack has been evolving dramatically in the last decade with the rise of ecommerce and new forms of money transfers, and though it's a sector that's been touched by Midas through each of its iterations, there's somehow still space for newcomers to be minted. Payments giants have ceded coveted territory to new market entrants during the process, but they are hardly down for the count.

Keep Reading Show less
Hirsh Chitkara
Hirsh Chitkara (@ChitkaraHirsh) is a researcher at Protocol, based out of New York City. Before joining Protocol, he worked for Business Insider Intelligence, where he wrote about Big Tech, telecoms, workplace privacy, smart cities, and geopolitics. He also worked on the Strategy & Analytics team at the Cleveland Indians.
Latest Stories