Even so, the
database has grown to seven million voiceprints amid a controversy that puts
the spotlight on the privacy implications of the collection of biometric
information
In June 2018,
a British privacy campaign group called Big Brother Watch accused the country’s tax
authority of amassing the voiceprints of millions of people without asking
for their explicit consent.
Within six
months, more than 162,000 people would opt out
of the voice ID scheme of Her Majesty’s Revenue and Customs (HMRC) and
would have their biometric data deleted. While the thousands exercised their right
to be forgotten as enshrined in the European Union’s General Data Protection
Regulation (GDPR), another 2.1 million people joined the scheme between
June and December 2018, bringing the number of people with voiceprints on file
to around 7 million.
These
developments come on the heels of a controversy that came to a head last summer
when Big Brother Watch accused HMRC of “creating biometric ID cards by the back
door” for 5.1 million taxpayers. The campaigners alleged that “HRMC has in fact
railroaded taxpayers into this unprecedented ID scheme”, without providing a
straightforward opt-out method. HMRC introduced
the voice recognition system in January 2017.
Although there
was a way to say ‘no’ to the scheme – it required saying ‘no’ to
automated requests three times in a row – the opt-out route was not, in fact,
immediately obvious (as detailed
here). Instead, HMRC’s automated helpline instructed millions of callers to
repeat the phrase “My voice is my password” up to five times in order to create
a unique voiceprint for each of them and use it to verify the caller’s identity
in the future.
The issue has
also prompted the privacy campaigners to file a complaint with the Information
Commissioner’s Office (ICO). The UK’s data protection watchdog has yet to
decide on whether HMRC has been seeking user consent that is “freely given,
specific, informed and unambiguous”, another requirement set out in the GDPR.
Either way,
HMRC revamped the recording in July, introducing a clear option for callers to
turn down the voice ID, as well as delete their existing voiceprints. By the
taxman’s own admission, this option had not been stated explicitly before.
As noted in HMRC’s
Voice ID privacy notice, callers who reject the biometric option can
continue to answer security questions to access their HMRC accounts.
ESET UK
cybersecurity specialist Jake Moore views the news as a positive, but also
sounded a warning: “It’s very promising that people can now delete their
biometric voice data if they choose to. However, if HMRC took such data without
consent then this is a different story. People should be given the option from
the start whether to have their biometric data stored by the provider or not.
Usually, people will assume this data will also be encrypted and kept highly
secure, too”.
Meanwhile,
the tax agency has also had to respond to concerns about the security of the
collected data, not least because of the size of its database. HMRC has said
that the data is encrypted, stored in a data center in the UK, and is never
shared with anyone outside the agency.
HMRC is no
stranger to biometrics, having also embraced the technology on its mobile app
both for Android and iPhones. Besides authentication relying on a PIN code,
people can also prove their identity using face recognition and fingerprint
scanning.