Biometric Sovereignty Under Scrutiny Amid Global Tech Adoption

The debate over biometric sovereignty is intensifying as governments and companies in key markets, such as India, China, Mexico, and the European Union, implement identification technologies based on biological data. Concerns revolve around the control, storage, and use of this data by public and private actors.

Biometric sovereignty refers to the right of individuals and states to define how biometric data is collected, stored, and processed. This discussion becomes critical with the advance of technologies that use fingerprints, facial recognition, or iris scans to authenticate identities in banking services, social programs, border control, and citizen security. The increased adoption of these technologies has raised questions about who has real control over the data, and what risks exist in terms of privacy, mass surveillance, and algorithmic discrimination.

For example, while India’s Aadhaar system has made it possible to combat fraud and facilitate financial inclusion, it has faced multiple controversies due to data leaks, including one that exposed information on 1.1 billion users. In parallel, countries such as China have used biometric technologies for population surveillance, including DNA collection and facial recognition, particularly in regions such as Xinjiang. These measures have been documented and criticized by human rights organizations.

In response to these concerns, companies like Tools for Humanity have begun to develop solutions that prioritize individual control over biometric data. Worldcoin, one of its flagship projects, employs open source technology and avoids centralized storage in response to stricter regulatory requirements. "The system is designed in such a way that the data is not even stored centrally anywhere and no one would be able to access that data," says Alex Blania, CEO, Tools for Humanity.

The company recently announced a collaboration with Taiwan, a market with advanced privacy policies that prohibit the creation of central identity databases, setting a precedent in regulatory compliance and digital governance.

In the European Union, the General Data Protection Regulation (GDPR) imposes severe restrictions on the collection of biometric data. Cities such as Barcelona and Amsterdam have limited the use of facial recognition cameras in public spaces. Meanwhile, in Latin America, the adoption of biometric technologies is advancing without strong regulatory frameworks. Brazil has one of the largest biometric registries in the region. Argentina has implemented facial recognition in public transportation stations, while Colombia and Mexico have expanded the use of biometrics in banking, migration, and social programs.

In Mexico, the Digital Rights Defense Network (R3D) warned in April 2025 about the risks associated with legislative reforms that propose to centralize biometric data — including fingerprints and facial recognition — in the National Population Registry and CURP. According to R3D, these reforms compromise the rights of over 130 million people by creating a massive, mandatory database without sufficient privacy and cybersecurity safeguards.

Meanwhile, the global biometrics market continues to expand. According to estimates cited by Tools for Humanity, it is expected to reach a value in excess of US$83 billion by 2027. This growth, driven by the integration of AI and automated identity verification systems, poses a scenario in which technological development runs ahead of institutional regulation.

In this context, dialogue between technology companies and regulators becomes essential, especially as governments actively incorporate biometric solutions to mitigate risks associated with the proliferation of unverified digital technologies.