Every day, tens of thousands of refugees in the two main camps in Jordan pay for their groceries and withdraw their cash not with a card, but with a scan of their eye.
Nowhere in the United States can someone pay for groceries with an iris scan (though the Department of Homeland Security is considering collecting iris scans from U.S. immigrants, and Clear uses iris scans to verify identities for paying customers at airports) — but in the Jordanian refugee camps, biometric scanners are an everyday sight at grocery stores and ATMs. More than 80% of the 33,000-plus refugees who receive cash assistance and (most of them Syrian) and live in these camps use the United Nations' Refugee Agency iris-scanning system, which verifies identity through eye scans in order to distribute cash and food refugee assistance. Refugees can opt out of the program, but verifying identity without it is so complex that most do not.
IrisGuard, the company that provides the technology, recently shared that nearly 2.3 million refugees are enrolled through its technology. The company touts that it provides a secure way for food-assistance programs to quickly verify refugee identity "with dignity." IrisGuard and the UN argue that the system reduces the likelihood of fraud from people who "dual-register" for extra benefits, and eye-scanning also cuts down on the complex paperwork usually required to verify identity.
Refugee advocate groups see the program as a living example of "tech solutionism" — the idea that advanced technology can and should solve fundamental world problems, regardless of whether there are simpler and less tech-oriented methods available. These groups often cite the concept of proportionality: that the risks mitigated by a technology are equivalent to the harms that could be caused by its use. "Is double registration really an issue in Jordan? Do we know how bad the fraud issue is?" asked Marwa Fatafta, a Middle East and North Africa policy manager at tech human rights advocacy group Access Now. "In this case, trying to enhance the shopping experience of refugees at supermarkets isn't exactly necessary or proportionate."
"If you compare the risks related to human rights versus the benefits of these kinds of programs, we immediately recognize that the risks are far more egregious and grave. In case that information is leaked, you can always change your password, but you can't change your biometric data, you can't change your iris scan," Fatafta said.
The recent news that after U.S. withdrawal finished in Afghanistan, the Taliban managed to claim and access a U.S.-created biometric database of Afghan refugees has increased concern for advocates like Fatafta. "If you look at what's happening in Afghanistan in terms of the Taliban taking control of biometric databases, it gives you a hint at the worst-case scenario of the future of mass collection of biometric data," she said.
Because refugees usually flee governments oppressing them, those governments have a vested interest in any data that would help them identify the people who've left and where they might be. In the case of the Jordanian camps, most refugees based there have fled the ongoing conflict in Syria over the last decade. And it's not just the Syrian government who might have an interest in this information — incontrovertible biometric data on millions of refugees is valuable to countless political actors in the region, all of whom might use it for their own goals, not for the best interest of refugees and not with their consent. Oppressive governments could use data on refugees to track where they travel; to deny them entry, passports or national identity documents if they later return to the country; or even jail people considered "dissidents," like many of those who have fled Syria.
"Being a refugee is supposed to be a temporary status," Fatafta explained. "In contexts like Kenya, we've seen how the biometric registration of refugees by UNHCR has resulted in one or two generations down the line not being able to obtain a national ID in Kenya."
The United Nations and IrisGuard say that they would never willingly provide any of that data to the Jordanian government (which hosts the camps), and that blockchain technology protects the payments from fraud. But Fatafta pointed out that no data is ever perfectly secure, and iris scans are especially vulnerable because they usually remain biologically correct for a person's entire life, meaning a scan conducted on a 10-year old refugee could be just as accurate 50 years later, when perhaps the UN has moved on from this particular program and the data languishes somewhere, becoming increasingly vulnerable over time.
The UN Refugee Agency did not respond to requests for comment, and IrisGuard declined to comment. Access Now sent a series of questions about data privacy and protection to the UN and IrisGuard; the UN replied with assurances that it is doing everything necessary to secure information, while IrisGuard never replied.
Children as young as five may have their irises scanned in the Jordanian camps, which also raises questions about their future consent on the use of the data, according to Fatafta. "Consent is a fundamental pillar of data protection. As a data subject, you have the ultimate agency over your personal information and what you want to share with governments or third parties, companies, whatever," she said. Children don't necessarily have this control, given that their scans as a child remain accurate as an adult.
"It's really hard to have meaningful consent in these situations where refugees are in dire need for humanitarian aid and service delivery, basic needs like food and clothes and cash," Fatafta said. Saying "no" to the fastest and most basic system to get essential food and cash would be exceptionally difficult for anyone in a humanitarian context, raising the question of whether the consent is really authentic for refugees in this situation.
While the system has now been widely adopted, the refugees living in the camps have said in the past that iris-scanning verification also takes away some of their personal freedoms. Paying with an eye at the supermarket makes it harder for people to share money with friends, send children or other family members to buy groceries for them, pool money with others or make other financial decisions once they have cash in hand. Some also feel that they don't have much of a choice in terms of whether they opt into using the system, according to a 2016 report.
"I think we got there because governments and organizations believe that technology is the bulletproof solution to many of those problems that we face. Having millions of refugees is not an easy problem, it's a huge challenge that requires fast and convenient delivery," Fatafta said. "There are companies that are happy to provide these technologies and profit off of those situations."