Biometric technologies are fast, convenient and increasingly common. But as the technology becomes more mainstream, so do the questions around privacy. Tina D’Agostin, CEO of Alcatraz, is well aware of the controversy around the use of biometrics and the privacy concerns that are held by some. However, her view is that biometrics are not inherently risky and that laws and regulations are the way forward to ensure a privacy first approach.
This summer, Colorado’s new privacy law (CPA) went into effect, joining a growing wave of legislation focused on how biometric data is used and protected. The new law imposes strict requirements on how biometric information is collected, stored, used and shared.
“And that’s a good thing,” says D’Agostin. “Guardrails are crucial as technology becomes increasingly integrated into our lives. The more biometrics are used, the more we need to ensure they’re used responsibly. Regulation helps protect individuals, guides companies on how to use the technology responsibly and holds any bad actors accountable.”
A common misconception is that biometrics are inherently invasive or compromise privacy. “In reality, modern biometric systems are designed to comply with evolving regulations and protect user data through encryption, consent-based use and strict data handling practices.”
According to Tina D’Agostin, biometrics are one of the most secure forms of identification available. Unlike physical ID cards and phones, they can not be easily lost, stolen or shared. And you do not hand them over at the grocery store, car rental counter or a restaurant, exposing personal details like your address or birth date.
“Take Alcatraz, for example,” she continues. “Our system turns a face into an encrypted digital template that we call a “digital blob” using a non-reversible 1-way algorithm that’s only used for one thing: verifying access against the ACS. We don’t store photos or personal data, share biometric data or collect more information than necessary.
And there’s no way to recreate an image of someone from these vectors. Our system uses liveness detection and 3D depth analysis to ensure a real, physical person is present, not a photo, video or spoof. This adds a critical layer of security without compromising privacy.”
Privacy-first biometrics safeguard the individual rather than exploit them, with systems that are opt-in, consent-driven and give users full control over their data.
The Alcatraz theory is that trust in biometric systems depends on strong data stewardship. That means end-to-end encryption and strict access controls behind the scenes. Privacy isn’t an afterthought; it’s a foundational principle that guides how we design and deliver secure identity experiences. “Biometrics shouldn’t come at the expense of privacy. With the right approach, they actually enhance it,” concluded Tina D’Agostin.
