
Received — 28 April 2026 The Conversation

Facial recognition data is a key to your identity – if stolen, you can’t just change the locks

When you're out and about, your face isn't just visible − it's captured. John Keeble/Getty Images

A woman strolls into a grocery store, thinking about grabbing some apples. Before she even reaches the produce aisle, a security camera has scanned her face. Whether the system is checking for shoplifters or simply logging her arrival, her face has joined a digital ledger, a trace she can’t easily erase. Retailers, banks, airports, stadiums and office buildings are doing the same.

But what if the woman’s facial information is stolen or misused? If a cybercriminal steals her password, she can change it. If they acquire her credit card number, she can cancel the card. But she can’t reset or revoke the appearance of her cheekbones.

Facial recognition systems don’t keep actual images. They convert a face into a mathematical template that maps the positions and proportions of the face’s features. When another camera scans a person later, the system checks their live face against these templates to confirm an identity.

In my work as a cybersecurity professor at Rochester Institute of Technology, I have found that even though templates are more secure than photos – which anyone online can capture and manipulate – templates, too, can be stolen. Once that happens, these digital keys create a lifelong vulnerability. If a facial recognition database is breached, the “locks” that a template opens – accessing a bank app, getting through security at an airport, entering an office building – can’t be reset. A person’s face is permanent, and so is the threat.

The threat isn’t theoretical. Biometric data has been stolen in data breaches. In 2024, biometric data from a facial recognition system used at bars and clubs in Australia was hacked. And in 2019, biometric data from a pilot facial recognition system set up by U.S. Customs and Border Protection was breached in an attack on a subcontractor’s network. It’s not clear whether anyone’s stolen biometric data has been exploited, however.

Catching a ballgame? Security cameras might be catching and digitizing your face. AP Photo/Matt Slocum

Tracking your face

All biometric identifiers carry risks. Fingerprints and iris scans, however, are typically used in controlled situations, such as unlocking a person’s phone or allowing someone to enter a building. In these cases, a person has to deliberately look at a scanner. Cameras in public spaces, in contrast, can capture faces as people walk by, from a distance and without the people whose faces are scanned realizing it.

If a fingerprint or iris database is breached, a thief still needs to physically present that finger or eye, or a fake of it, to a scanner. However, someone could match a stolen facial template against images from surveillance cameras or photos circulating online, making it easier to identify a person of interest or track someone’s movements and activities.

There’s also a big difference, technically and ethically, between keeping a face on a phone versus handing it over to a database. On modern Apple devices and many Android systems, biometric data used to unlock the devices is stored locally in a dedicated hardware chip and is not shared with the manufacturer or cloud services for authentication. As a result, a breach of corporate or cloud systems would not expose these device-level biometric templates.

Some street and security cameras in public are passive, just watching as people pass by, with no long-term records. But others may be following people’s steps, linking faces to databases and creating a persistent digital trail. The risk rises when organizations use systems to track particular people across multiple databases. Airport systems could compare a traveler’s face against passport or airline databases. Stadiums may compare faces against local security watch lists or law enforcement lists. The company that manages Madison Square Garden has used facial recognition to bar entry to lawyers at firms that represented people who sued the company.

Some large retail chains, such as Wegmans and Target, also use facial recognition systems in their theft prevention efforts. Every new capture adds another permanent record.

Demonstrators hold images of Amazon CEO Jeff Bezos in front of their faces during a protest over the company’s facial recognition system. AP Photo/Elaine Thompson

Many companies do not have expertise in cybersecurity and rely on third-party vendors to manage their data. If those centralized systems are breached – or the datasets are linked across platforms, vendors or data brokers – your face can become a sort of persistent identifier, which can be used to expose or track you. In some cases, when combined with other compromised data, your captured face can lower the barrier to impersonating you.

When a person’s face meets their data

A face can function like a “primary key” – a unique and stable identifier that connects records. If one database links a facial template to an email address, and a data breach connects that email to financial or personal records, an identity thief with a stolen template could access all that information.

And combining a template with AI tools such as deepfakes or three-dimensional face models could, in some cases, allow a criminal to impersonate an individual in systems that require proof of a live face, slipping into a forged digital identity like slipping into a costume.

When criminals combine biometric templates with other leaked data, such as logins for social media profiles or home addresses, they can build “super-profiles” connected to many of a person’s activities. Because the face acts as a permanent linking key, this level of identity theft is difficult to reverse.

How to minimize the threat

People are still figuring out how to live with widespread biometric collection. The convenience of smoothly passing security checks or making purchases is appealing, but it often comes with a permanent risk to privacy and security.

To lessen the threat, organizations can follow several data privacy best practices. They can keep only information that is necessary, erase the rest quickly and encrypt every mathematical template. They can store only encrypted templates rather than raw photos. They can use safeguards, such as the latest liveness detection techniques, to help ensure that their systems are interacting with real people rather than photographs, masks or deepfakes. And they can adopt a privacy-by-design approach, which means they will keep data only as long as necessary, clearly document how it’s used and restrict who has access.

Consumers can take steps as well. In places with privacy laws, such as California, Illinois and the European Union, people can submit a data access request to see what biometric data a company holds and, in some cases, ask for its deletion. They can also ask retailers anywhere what data is collected, how long it is kept and how it’s protected.


Jonathan S. Weissman does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.

Tapping your genome with AI and quantum computing could deliver on the promise of personalized medicine – but practical and ethical hurdles remain

While quantum computing has a long way to go, it can open tantalizing new doors for the field of genomics. herstockart/iStock via Getty Images Plus

Decades after researchers first sequenced the human genome, scientists throughout the world are still working to understand it. Despite diligent global efforts to link uncommon variations in DNA sequences with human disease, progress has been slow, in large part due to limitations in scientific understanding and in part due to limitations in computational technologies.

Artificial intelligence has the potential to help scientists decipher the millions of genetic variations present in the genomes of different people in order to identify which ones lead to disease and which ones do not. In order to fully exploit the power of AI, however, scientists need to compare the genomes of thousands or tens of thousands of people. This task not only requires intense computational effort, it is also prone to error and will take years to complete.

Quantum computing has the potential to facilitate that process. We are researchers with a long-standing interest in finding ways to use genetics in the clinic and developing new technologies to study the human genome. Combining quantum computing with AI has the potential to accelerate genomic analysis far beyond traditional methods. For time-sensitive medical conditions, faster decoding of genetic information can directly inform urgent treatment decisions and, in some cases, be lifesaving.

Conventional vs. quantum computing

In conventional computing, individual units of information – binary digits, also called bits – can represent only two states: namely, 0 and 1.

However, the qubits used in quantum computing can have more than two distinct states. Adding qubits together increases the number of states exponentially. The power of quantum computers lies in being able to check all the possibilities at once for problems with large numbers of variables, rather than one at a time like even the fastest possible classical computer must do. This allows quantum computers to solve certain types of problems, such as factoring the large numbers that today’s encryption schemes rely on and performing combinatorial optimization to find the best route through a large number of points.

Quantum computers work much differently from the computer you’re likely using to read this article.

Still, quantum computing is currently in its infancy. Despite the enormous potential of this technology, computer scientists are dealing with challenges related to its scalability, error correction, hardware development and the setting of standards.

There are also significant time and cost constraints associated with ameliorating these challenges. Experts in the field estimate that it may be at least a decade before quantum computing will be truly useful outside of the laboratory.

Bigger and better data analysis

If researchers are able to overcome these challenges, combining AI and quantum computing may not only enable scientists and clinicians to better understand the human genome but also to leverage that understanding to improve patient care.

Currently, researchers are able to use AI to analyze genomic data in combination with limited amounts of other biological information, such as gene activity, epigenomics, RNA signatures and protein function. Quantum computing could allow AI to process increasingly more massive and highly detailed datasets.

This might look like integrating large-scale genetic, protein and spatial datasets with clinical, demographic and real-time physiological data. This systems-level approach enables a more comprehensive and accurate understanding of complex biological systems beyond DNA sequence alone that could be used to improve public health.

In other words, quantum computing could make it possible to sequence a patient’s genome and combine that information with other information about how their body works at the molecular level to improve the accuracy of diagnoses and determine the best course of treatment in hours instead of months.

Challenges in access and privacy

Like many burgeoning technologies, combining AI with quantum computing has inherent and inescapable challenges. In particular, there are several ethical issues related to healthcare access.

One will be the cost. New technologies are typically expensive and that will likely widen the gap between those who can afford the best healthcare and those who cannot. Anticipating these costs and finding preemptive creative solutions is necessary to allow everyone to benefit equally.

While there are likely many approaches to reducing out-of-pocket expenses for healthcare, federal legislation could mandate affordable or free genetic information-based care to those in greatest financial need. Similar to the 2008 Genetic Information Nondiscrimination Act, which prohibits discrimination based on genetics, a new law could prohibit healthcare providers from withholding genetic information-based care from those who cannot afford it.

Biological data inherently comes with a privacy risk. Tek Image/Science Photo Library

Another challenge will be availability. These technologies will likely first be available at only the top medical centers in the country, which traditionally have the research funding and the cadre of skilled scientists and clinicians needed to develop new diagnostic methods and treatments. Consequently, the latest advances in health technology will be unavailable to people who physically or financially cannot travel to receive the best medical care.

A combination of telemedicine, centralized laboratories and shared data could potentially help make new technologies more accessible.

There are also privacy concerns intrinsic to sharing personal health data. Truly anonymizing personal information remains a challenge, and privacy concerns are likely to prevent some people from taking advantage of potentially lifesaving technologies.

One approach that may quell these fears is a model called federated blockchain governance. This approach involves sharing control of a blockchain, which is a digital ledger used to track transactions, among a small group of institutions rather than a single entity or the general public. Limiting the number of trusted curators of genetic data reduces the risk of privacy violations or security breaches and subsequently increases the chance that patient data will remain private.

Improving public health

Despite these challenges, combining advances in quantum computing and AI has the potential to significantly drive innovation and improve public health.

When scientists and clinicians are able to accurately identify the genetic basis of disease and potential risk factors, they will not only be able to develop better treatments but also help patients and healthcare providers know what symptoms to look for among those predisposed to certain conditions.

Taken together, this knowledge can improve public health, reduce the cost of healthcare and improve quality of life.


The authors do not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and have disclosed no relevant affiliations beyond their academic appointment.
