FB pixel

NTIA finalizes commercial facial recognition code of conduct

 

The National Telecommunications and Information Administration (NTIA) finalized its privacy guidelines for the commercial use of facial recognition last week.

Facial recognition potentially impacts a range of industry participants, including: developers of facial recognition software; retailers that employ recognition-enabled camera systems; providers of online services; and game console developers, among others.

Over the past two years, stakeholders involved in the guideline development process discussed how to ensure that consumers’ rights to control, transparency, security, access and accuracy are respected.

The process was part of the framework set forth in the White House’s “Privacy Blueprint” strategy. The Privacy Blueprint directed the NTIA to convene a series of multi-stakeholder processes that apply the Consumer Privacy Bill of Rights to particular business contexts, which included the creation of a code of conduct for the commercial use of facial recognition.

The stakeholders, according to the National Law Review, recommended in the final code of conduct that commercial entities do the following:

• Disclose their practices regarding collection, storage, and use of facial template data to consumers, including any sharing, retention, and de-identification policies;
• Provide notice to consumers where facial recognition is used on a physical premises;
• Consider privacy concerns when developing data management programs;
• Protect facial recognition data by implementing a program that contains administrative, technical, and physical safeguards appropriate to the entity’s size, complexity, the nature of its activities, and the sensitivity of the data;
• Take reasonable steps to maintain the integrity of the data collected; and,
• Provide a means for consumers to contact the entity regarding its use of the data.

Trade organizations involved in the process, including the Consumer Technology Association, the Interactive Advertising Bureau, NetChoice, the Software & Information Industry Association and the International Biometrics Industry Association (IBIA), were generally pleased with process. In statements issued at the conclusion of the process, they noted that the code of conduct would give businesses that employ facial recognition technology greater certainty about how the Privacy Blueprint’s principles apply to them.

“The clear benefits of facial recognition technology come with a responsibility to users and customers,” said Tovah LaDier, Managing Director of IBIA. “These privacy best practices will help to assure the public that facial recognition is being used responsibly and accountably. They also demonstrate the strong commitment of the industry to protecting the public’s privacy, even as new technologies and applications emerge.”

“The best practices will advance privacy, transparency and accountability among the entities that use facial recognition technology,” said Software & Information Industry Association SVP Mark MacCarthy. “As FRT applications and business models rapidly evolve, the best practices will help ensure that consumer privacy is respected and new technologies are responsibly adopted.”

“CTA is proud to be among the key industry stakeholders supporting best practices for facial recognition technologies that balance consumer protection with technological innovation,” said Alex Reynolds, director, regulatory affairs for the Consumer Technology Association. “Facial recognition tech is a rapidly developing innovation we should welcome and embrace, and we thank NTIA staff for their diligent and expert support throughout the meetings.”

“IAB thanks the NTIA for convening a privacy multistakeholder process on facial recognition technology,” said David Grimaldi, EVP of public policy for the Interactive Advertising Bureau (IAB). “Over the past 28 months we have had the opportunity to learn from a broad set of stakeholders and experts in the field of facial recognition technology. As a result of this dialogue, we are better informed about how this still-nascent technology will need to coexist with consumer expectations. We look forward to future evolutions of this conversation.”

While the process was embraced by many businesses, BiometricUpdate.com previously reported that several stakeholders withdrew from the process, including: the Center for Digital Democracy, the Center on Privacy and Technology, the American Civil Liberties Union (ACLU), Common Sense Media, the Center for Democracy & Technology (CDT), Consumer Federation of America, the Electronic Frontier Foundation (EFF), and Consumer Action. These privacy advocates withdrew from the process because they lacked confidence that the meetings would lead to establishing guidelines that enforced proper data protections.

A statement issued by CDT concerning the code of conduct contends that the privacy guidelines lacks real guidance for businesses and protection for individuals.

“Facial recognition technology raises serious privacy concerns, whether it is used for retail tracking, photo tagging, or public targeting,” said Michelle De Mooy, CDT Deputy Director of Privacy & Data. “At a minimum, businesses should notify consumers and seek permission when facial technology is used, especially if it’s being deployed to track them in public or inform decisions on issues such as employment, health care, credit, or housing. The best practices don’t even do that. Industry can and must do better.”

The best practices do not apply to the government’s use of facial recognition technology or to security applications, law enforcement, national security, intelligence, or military uses.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

How the ID industry can become more sustainable – and help to raise awareness for greener travel

By Tobias Nuessle, COO of Veridos The travel and tourism industry is a significant contributor to global CO2 emissions. Various…

 

Biometrics upgrades arriving at borders (but check the schedule for updates)

New biometric technology is coming to borders in Europe and the UK, but as reflected in several of Biometric Update’s…

 

What is the killer app for verifiable credentials? Daon, Dock and Youverse discuss

Industries such as financial services, healthcare, transport, government and more are increasingly adopting digital verifiable credentials connected to biometrics. Their…

 

Veteran biometrics leaders join FaceTec, Credence, ID.me adds ex-Meta exec

The latest round of appointments in the biometrics and identity management sector includes a former leader of federal government sales…

 

EU announces phased approach for EES

The European Union has proposed a progressive introduction of its biometric traveler registration scheme, the Entry-Exit System (EES). On Wednesday,…

 

Drowsy drivers to get AI-assisted safety prompts

Fatigued drivers are one of the most common hazards on the road, but sleepy-heads on commercial wheels are to get…

Comments

6 Replies to “NTIA finalizes commercial facial recognition code of conduct”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events