According to its announcement, the Natural Security Alliance’s new Privacy Rules help biometric authentication systems dictate an organization’s obligations when collecting and handling personal data.

The basis for the Privacy Rules can be attributed to the “accountability principle” established by the Article 29 Working Party, an independent advisory body established by the European Parliament to investigate concerns of personal data and privacy, as well as concepts around the application of biometrics from the EU’s National Data Protection Authorities.

Essentially the new Privacy Rules helps ensure that biometric data is secure and confidential, minimizing the risk of misuse, and that the data subject (ie. the person whose data is stored) has consented to the data collection and that they have some control over their data and its use.

Also, it encourages organizations to only use the minimum amount of data necessary for authentication – often involving the conversion of raw data into metadata – and discarding the raw data.

This also helps limit misuse of data because, if obtained, if could be in a form that wouldn’t be useful to a scammer.

Additionally, the Alliance has developed two instruments: the certification and the mark, which ensure that products and organizations integrating the Natural Security Standard comply with the technical specifications.

Certified products are deemed “genuine”, and able to communicate with other certified products as part of a genuine Natural Security environment.

The Natural Security mark shows data subjects that the organizations that handle their data comply with the Natural Security Standard.