Ban biometrics from public spaces, EU data protection authorities recommend

The European Data Protection Supervisor (EDPS) and the European Data Protection Board (EDPB) have issued a call for a broad ban on biometrics for automated recognition in public spaces, as well as other situation where they say the technology’s use could lead to discrimination.

The opinion was delivered in response to the European Commission’s proposal for regulating artificial intelligence, and cites the “extremely high risk posed by remote biometric identification of individuals in publicly accessible spaces.” The call explicitly identifies not just live facial recognition, but also gait, fingerprints, DNA, voice and keystroke biometrics, calling for their ban in public spaces “in any context.”

The data protection authorities also call for a ban on biometrics-related applications that seek to categorize individuals based on ethnicity, gender, political or sexual orientation, or other areas protected from discrimination under Article 21 of the EU’s Charter of Fundamental Rights. Emotion recognition is also “highly undesirable,” according to the EDPS and EDPB, and should be banned except in some healthcare applications, as should any type of social scoring.

“Deploying remote biometric identification in publicly accessible spaces means the end of anonymity in those places,” state EDPB Chair Andrea Jelinek and EDPS Wojciech Wiewiórowski jointly. “Applications such as live facial recognition interfere with fundamental rights and freedoms to such an extent that they may call into question the essence of these rights and freedoms. This calls for an immediate application of the precautionary approach. A general ban on the use of facial recognition in publicly accessible areas is the necessary starting point if we want to preserve our freedoms and create a human-centric legal framework for AI. The proposed regulation should also prohibit any type of use of AI for social scoring, as it is against the EU fundamental values and can lead to discrimination.”

Wiewiórowski has already signaled that the proposed AI framework does not go far enough in restricting public biometrics applications.

On the proposed oversight framework, the EDPS and EDPB welcome the role they would be given as an authority over surveillance systems, but seek further clarification, and say national data protection authorities should be designated as supervisory authorities for their respective countries.

The authorities also question the designation of the European Artificial Intelligence Board (EAIB), saying it would conflict with a needed body independent from political influence. The proposal therefore could be improved, they suggest, by giving the EAIB more autonomy.

Article Topics

biometric identification  |  biometrics  |  data protection  |  dna  |  emotion recognition  |  EU  |  European Data Protection Board (EDPB)  |  facial recognition  |  gait recognition  |  keystroke dynamics  |  privacy  |  surveillance  |  voice biometrics