Belgian lawmakers get a year to make their biometrics rules jibe with GDPR
Data Protection Authority officials published a 41-page document recommending that Belgian legislators bring national laws into accordance with the European Union’s iconic (or infamous, based on your vantage point) General Data Protection Regulation, or GDPR.
Full Biometric Update coverage of GDPR can be found here.
The guidance document is a dense read that requires a working knowledge of the GDPR. The goal is to compile coherent regulations, in line with the EU standard, that citizens and anyone collecting, using and holding biometric data can follow.
The recommendations primarily affect government and industry using biometrics for civil identification purposes, but authors of the document “invite” lawmakers to address the balance between society’s expectation to be safe from crime and the individual’s right to privacy and due process.
Belgian lawmakers, according to the authors, have to create legislation setting out how biometric data can be processed if they want to continue to authorize specific uses of the data.
Given the complexity of the task and the ongoing, every-day need for biometrics-based authentication, Data Protection Authority officials have given the national government a one-year cushion. They can continue to operate under existing, albeit inadequate, rules until this time next year, when new rules can be voted on by legislators.