Refugees are buying groceries with iris scans. What could go wrong?

More than 80% of the refugees in Jordanian camps now use iris scans to pay for their groceries. Refugee advocates say this is a huge future privacy problem.

An iris scanner.

A refugee uses their iris to access their account.

Photo: KHALIL MAZRAAWI/AFP via Getty Images

Every day, tens of thousands of refugees in the two main camps in Jordan pay for their groceries and withdraw their cash not with a card, but with a scan of their eye.

Nowhere in the United States can someone pay for groceries with an iris scan (though the Department of Homeland Security is considering collecting iris scans from U.S. immigrants, and Clear uses iris scans to verify identities for paying customers at airports) — but in the Jordanian refugee camps, biometric scanners are an everyday sight at grocery stores and ATMs. More than 80% of the 33,000-plus refugees who receive cash assistance and (most of them Syrian) and live in these camps use the United Nations' Refugee Agency iris-scanning system, which verifies identity through eye scans in order to distribute cash and food refugee assistance. Refugees can opt out of the program, but verifying identity without it is so complex that most do not.

IrisGuard, the company that provides the technology, recently shared that nearly 2.3 million refugees are enrolled through its technology. The company touts that it provides a secure way for food-assistance programs to quickly verify refugee identity "with dignity." IrisGuard and the UN argue that the system reduces the likelihood of fraud from people who "dual-register" for extra benefits, and eye-scanning also cuts down on the complex paperwork usually required to verify identity.

Refugee advocate groups see the program as a living example of "tech solutionism" — the idea that advanced technology can and should solve fundamental world problems, regardless of whether there are simpler and less tech-oriented methods available. These groups often cite the concept of proportionality: that the risks mitigated by a technology are equivalent to the harms that could be caused by its use. "Is double registration really an issue in Jordan? Do we know how bad the fraud issue is?" asked Marwa Fatafta, a Middle East and North Africa policy manager at tech human rights advocacy group Access Now. "In this case, trying to enhance the shopping experience of refugees at supermarkets isn't exactly necessary or proportionate."

"If you compare the risks related to human rights versus the benefits of these kinds of programs, we immediately recognize that the risks are far more egregious and grave. In case that information is leaked, you can always change your password, but you can't change your biometric data, you can't change your iris scan," Fatafta said.

The recent news that after U.S. withdrawal finished in Afghanistan, the Taliban managed to claim and access a U.S.-created biometric database of Afghan refugees has increased concern for advocates like Fatafta. "If you look at what's happening in Afghanistan in terms of the Taliban taking control of biometric databases, it gives you a hint at the worst-case scenario of the future of mass collection of biometric data," she said.

Because refugees usually flee governments oppressing them, those governments have a vested interest in any data that would help them identify the people who've left and where they might be. In the case of the Jordanian camps, most refugees based there have fled the ongoing conflict in Syria over the last decade. And it's not just the Syrian government who might have an interest in this information — incontrovertible biometric data on millions of refugees is valuable to countless political actors in the region, all of whom might use it for their own goals, not for the best interest of refugees and not with their consent. Oppressive governments could use data on refugees to track where they travel; to deny them entry, passports or national identity documents if they later return to the country; or even jail people considered "dissidents," like many of those who have fled Syria.

"Being a refugee is supposed to be a temporary status," Fatafta explained. "In contexts like Kenya, we've seen how the biometric registration of refugees by UNHCR has resulted in one or two generations down the line not being able to obtain a national ID in Kenya."

The United Nations and IrisGuard say that they would never willingly provide any of that data to the Jordanian government (which hosts the camps), and that blockchain technology protects the payments from fraud. But Fatafta pointed out that no data is ever perfectly secure, and iris scans are especially vulnerable because they usually remain biologically correct for a person's entire life, meaning a scan conducted on a 10-year old refugee could be just as accurate 50 years later, when perhaps the UN has moved on from this particular program and the data languishes somewhere, becoming increasingly vulnerable over time.

The UN Refugee Agency did not respond to requests for comment, and IrisGuard declined to comment. Access Now sent a series of questions about data privacy and protection to the UN and IrisGuard; the UN replied with assurances that it is doing everything necessary to secure information, while IrisGuard never replied.

Children as young as five may have their irises scanned in the Jordanian camps, which also raises questions about their future consent on the use of the data, according to Fatafta. "Consent is a fundamental pillar of data protection. As a data subject, you have the ultimate agency over your personal information and what you want to share with governments or third parties, companies, whatever," she said. Children don't necessarily have this control, given that their scans as a child remain accurate as an adult.

"It's really hard to have meaningful consent in these situations where refugees are in dire need for humanitarian aid and service delivery, basic needs like food and clothes and cash," Fatafta said. Saying "no" to the fastest and most basic system to get essential food and cash would be exceptionally difficult for anyone in a humanitarian context, raising the question of whether the consent is really authentic for refugees in this situation.

While the system has now been widely adopted, the refugees living in the camps have said in the past that iris-scanning verification also takes away some of their personal freedoms. Paying with an eye at the supermarket makes it harder for people to share money with friends, send children or other family members to buy groceries for them, pool money with others or make other financial decisions once they have cash in hand. Some also feel that they don't have much of a choice in terms of whether they opt into using the system, according to a 2016 report.

"I think we got there because governments and organizations believe that technology is the bulletproof solution to many of those problems that we face. Having millions of refugees is not an easy problem, it's a huge challenge that requires fast and convenient delivery," Fatafta said. "There are companies that are happy to provide these technologies and profit off of those situations."


Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep ReadingShow less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more.

Keep ReadingShow less
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep ReadingShow less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep ReadingShow less
Bennett Richardson

Bennett Richardson ( @bennettrich) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.


Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep ReadingShow less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories