UK biometrics legislation lacks clarity to protect the public: former Commissioner
Former UK Biometrics Commissioner Paul Wiles is calling upon parliament to create legislation that explicitly deals with the use of biometric technologies in the UK, citing police use of the technologies and a failure to keep up with current developments.
Wiles referenced specifically uses of live facial recognition (LFR), voice biometrics and gait analysis in testimony to the House of Commons Science and Technology Committee, Computer Weekly writes, highlighting the retention of custody images in the Police National Database (PND).
Creating specific legislation for the use of biometrics would give the topic more clarity, and work in the public’s best interest, argues Wiles. Section 24 of the Coronavirus Act 2020 allows counter-terrorism police to retain biometric information for six months in the absence of another statutory basis for their storage, until the authorizing section expired on March 24. Current Biometrics and Surveillance Camera Commissioner Fraser Sampson commented on the legislation shortly after its effective period ended.
In July 2019 the UK government’s Science and Technology Committee urged the Home Office to halt all trials of live biometric facial recognition so that proper legislation could be established; to which the government responded there was “already a comprehensive legal framework for the management of biometrics, including facial recognition” in a report.
“It will be possible in the future to use live facial recognition purely for a private commercial profit motive interest, without necessarily making the individual aware that it is going on. This is simply the analogue of what we’re already seeing in the use made of the data that every day all of us give, not just to big tech companies but the small companies as well, and the fact that they are exploiting that and selling that data on without us really understanding,” Wiles comments.
In June, UK Information Commissioner Elizabeth Denham set out recommendations to address concerns over inappropriate and reckless use of LFR in public spaces, emphasizing the importance of good governance in uses of facial recognition set out in the ICO’s report.
In the same month, Sampson praised public and private entities for completing compliance certification with the country’s CCTV best practices code. Sampson previously defended police use of facial recognition, along with any other technologies that can help them fight crime.
If parliament were to fail in creating biometric-specific legislation, extending the 2012 Protection of Freedoms Act (POFA), which contains regulation regarding retention of DNA and biometric data, could be an alternate option, says Wiles.
This post was updated at 5:15pm Eastern on July 8, 2021 to note that the emergency biometrics retention power has expired.