FB pixel

Swedish data protection authority issues first fine for biometrics use under GDPR

| Chris Burt
Categories Biometrics News  |  Facial Recognition  |  Schools
 

Sweden’s data protection authority has issued a penalty of SEK 200,000 (US$20,650) to a school which used biometric facial recognition to record student attendance for violating Europe’s General Data Protection Regulation (GDPR).

The penalty is the first issued by Sweden’s regulator under GDPR, and while fines can reach SEK 10 million ($1 million), the amount of the fine imposed reflects the context of the offending party being a government authority, and the violation occurring as part of a limited trial. A high school in the town of Skellefteå used facial biometrics to conduct daily attendance checks in a trial that lasted three weeks, and included the data of 22 students, according to the regulator’s statement. School officials say consent was obtained from the students.

Data Inspectorate lawyer Ranja Bunni explained that the consent is not valid in this case because the students are in a position of dependence on the board.

“The High School Board in Skellefteå has violated several of the provisions of the Data Protection Regulation in a way that we now issue a penalty fee,” says Swedish Data Inspectorate Director General Lena Lindgren Schelin, as translated by Google.

“Facial recognition technology is in its infancy, but development is fast. We therefore see a great need to create clarity about what applies to all actors,” Schelin adds.

Adecco Group meanwhile has informed Belgium’s privacy regulator that the biometric data of roughly 2,000 employees of its Belgian business were exposed by the vulnerability recently identified in Suprema’s BioStar 2 system, Bloomberg News reports.

European companies are required to report breaches if there is a high risk to personal data, and the regulator is now investigating.

“This concerns the loss of control of extremely sensitive data of no fewer than 2,000 people,” Belgian Data Protection Authority President David Stevens said in a statement.

Suprema said in a statement after the data exposure was revealed that there are no indications any data was exfiltrated from the system.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Identity and risk infrastructure startup secures $12M for Europe, LATAM expansion

Monnai, which provides identity and risk data infrastructure, has announced a 12 million dollar equity funding round led by Motive…

 

Hopae appoints Sarah Clark to lead US expansion of digital ID verification platform

Sarah Clark is Hopae’s new CPO and GM for North America, joining the Seoul-headquartered company to help extend the reach…

 

Bahrain financial services deploy biometric KYC and IDV with new eKey for business

Bahraini financial service companies are integrating Bahrain’s national biometric digital identity and Know Your Customer (KYC) service for businesses, EKEY-B,…

 

Australian age assurance law prompts removal of 4.7M underage accounts

Australian regulators have released initial results from the country’s social media age restriction, showing that major social media companies removed…

 

Thailand introduces face biometrics verification to fight health sector fraud

The government of Thailand is adding facial scans to the patient verification process within the framework of the country’s Universal…

 

KYA emerges as essential tool to ensure agentic AI is trustworthy

It’s 2026; do you know who your agents are? This is the question of the moment, as the agentic AI…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events