Information Commissioner considers legal action against users of facial recognition technology 

Facial recognition technology in public spaces “can be particularly intrusive” and its use lacks transparency, said the UK’s Information Commissioner.

Biometric data, including databases of facial images, in conjunction with automatic facial recognition technology (FRT) has been available for some time “but the ability of the technology to be linked to different online databases, with mobile and fixed camera systems, in real time, greatly increases its reach and impact” said Elizabeth Denham.

FRT is increasingly deployed by police forces at public events and football matches to apprehend offenders and prevent crimes from occuring.

“But how facial recognition technology is used in public spaces can be particularly intrusive. It’s a real step change in the way law-abiding people are monitored as they go about their daily lives. . There is a lack of transparency about its use and is a real risk that the public safety benefits derived from the use of FRT will not be gained if public trust is not addressed.

“At another level, I have been deeply concerned about the absence of national level co-ordination in assessing the privacy risks and a comprehensive governance framework to oversee FRT deployment.”

Denham said she welcomed Baroness Williams’ recent confirmation of the establishment of an oversight panel which Denham, the Biometrics Commissioner, and the Surveillance Camera Commissioner (SCC), will be members. She also welcomed the recent appointment of a National Police Chiefs Council (NPCC) lead for the governance of the use of FRT technology in public spaces.

A key component of any FRT system is the underlying database of images the system matches to. The use of images collected when individuals are taken into custody is of concern, said Denham; there are over 19 million images in the Police National Computer (PNC) database.

“I am also considering the transparency and proportionality of retaining these photographs as a separate issue, particularly for those arrested but not charged for certain offences. The Biometrics Commissioner has also raised these concerns.

“For the use of FRT to be legal, the police forces must have clear evidence to demonstrate that the use of FRT in public spaces is effective in resolving the problem that it aims to address, and that no less intrusive technology or methods are available to address that problem.

“Strengthened data protection rules coming into law next week require organisations to assess the risks of using new and intrusive technologies, particularly involving biometric data, in a data protection impact   and provide it to my office when the risks are difficult to address.

“I will also carefully consider the reports recently issued by Civil Society, Big Brother Watch in the UK and the Electronic Frontier Foundation in the US.”

Denham said a “robust response” to the many unanswered questions around FRT is vital to gain trust. These include: How does the use of FRT in this way comply with the law?; How effective and accurate is the technology?; How do forces guard against bias?; What protections are there for people that are of no interest to the police?; How do the systems guard against false positives and the negative impact of them?

“I have identified FRT by law enforcement as a priority area for my office and I recently wrote to the Home Office and the NPCC setting out my concerns,” said Denham in a blog post. “Should my concerns not be addressed I will consider what legal action is needed to ensure the right protections are in place for the public.”