Proposed facial recognition ban in EU doesn’t go far enough — privacy advocates

Opposition in the European Union to facial recognition surveillance is not appeased by a proposed AI law promoted as being people-centric and risk-based.

In EU member state Finland, a government ombudsman focused on data protection, yesterday reprimanded the National Bureau of Investigation for illegally using Clearview AI‘s global biometric face-matching subscription service.

The situation highlights the current murky nature of facial recognition system regulations in Europe and beyond.

Bureau officials said that employees learned of Clearview at a 2019 meeting hosted by the police agency Europol, according to Finnish news publisher Yle. They have said officers in their child exploitation investigation unit used the service for a month.

Separately, in February 2020, the European Commission debated ways to match or overtake the United States and China in the development of AI. Then as now, the EC sought ways to classify AI tools, including a low-risk category that could be covered by voluntary labeling.

This week, a panel of EU political, government and advocacy insiders made their case for dramatically closing exceptions in the Artificial Intelligence Act. (Opposition is broadening. Fifty-six privacy rights groups in April urged prohibitions.)

An analysis of the bill by global consultancy Deloitte Touche Tohmatsu notes that exceptions have been created for the military as well as third-country authorities and international organizations that are part of law enforcement and judicial agreements with member states.

Speakers, gathered by the Greens/EFA political group, agreed a Europe-wide set of laws is needed. It just has to be more centered on the rights and expectations of people in public spaces.

Banning biometric mass surveillance of people in publicly accessible areas, part of the proposed law, is good, said Brando Benifei, an Italian member of the European Parliament. But a general ban on facial recognition in publicly accessible areas is required because of the high risk of erroneous system operations, hacking and outright abuse by governments and businesses.

A pair of EU regulatory bodies, the European data protection supervisor and the European Data Protection Board in June came to the same conclusion.

The groups have also called for a ban on automated biometric recognition — live or otherwise — of faces, fingerprints, DNA, gait and voice as well as behaviors such as keystrokes.

Wojciech Wiewiórowski, the data protection supervisor, said he parts ways with those who want a ban on AI itself, which he said holds promise as a tool for society.

Article Topics

AI  |  biometric identification  |  biometrics  |  data protection  |  EU  |  facial recognition  |  legislation  |  privacy  |  regulation