FB pixel

Police biometrics, surveillance ‘too complex’ to treat as data processing: UK commissioners

Letter raises the devil in the details
| Frank Hersey
Categories Biometrics News  |  Law Enforcement  |  Surveillance
 

A letter from the UK’s biometrics and surveillance camera commissioners which lodges their warnings that police use of biometrics is far more than simply a data processing and protection issue has been published.

The authors state biometrics and surveillance matters are vastly complex and that reforms to data regulation with a body that combines statutory and regulatory functions could be incompatible with the different political system in Scotland and the proposals for dealing with materials kept by police in relation to the Troubles in Northern Ireland.

While the situation may seem peculiar to the jurisdictional makeup of the United Kingdom, the public discourse over what biometric data, forensics and biological samples are and how they are handled, could inform decision-making elsewhere.

The background of the authors is indicative of some of the issues raised: Fraser Sampson is the Biometrics Commissioner for all of the UK and the Surveillance Camera Commissioner for England and Wales – appointed after the two roles were merged earlier in the year. Brian Plastow is the Scottish Biometrics Commissioner, a role created this year.

Policing is a devolved to different extents across the four nations of the UK. In September 2021 the UK government published a consultation on its proposals for data reform and creating a new UK data protection authority – a reformed Information Commissioner’s Office (ICO), with the view of bolstering the country’s position for innovation with secure data handling and flow. The move is also proposed to absorb Sampson’s dual biometrics and surveillance role into the reconstituted ICO.

“Debates about biometrics and surveillance in policing are intrinsically complicated and linked to broader considerations of legitimacy, effectiveness and efficiency,” write Sampson and Plastow.

“Above all, this area is about public confidence, trust, and public acceptability – the debate must be far broader than one of ensuring compliance with any prevailing UK data protection regime.”

Sampson and Plastow argue that even if one were to accept that police use of biometrics is a matter of data processing, adding statutory functions to a new regulator would still face jurisdictional problems.

The Scottish Parliament has already determined that it does not view police use of biometrics as a matter of data protection. The commissioners quote Scottish Justice Secretary Humza Yousaf who said that Scotland appointed an independent Biometrics Commissioner to “complement the work of others, including the Information Commissioner, and help maintain public confidence in how new technologies and data are being used to help keep crime down and communities safe.”

Scotland does not have a Forensic Science Regulator and so expanded the definition of “biometric data” to ensure its Biometric Commissioner has statutory oversight of forensic samples and biological materials from which biometric data can be derived. The authors argue that this shows the role – in Scotland – is not just about data.

Forensics development in Australia could result in fingerprints and facial characteristics being deduced from DNA samples and is already deducing ages to within four years.

Northern Ireland poses an entirely different set of issues. Police there have amassed DNA and biometrics of people in relation to the Troubles. It has never brought into effect the passed Criminal Justice Act (Northern Ireland) 2013 because a large volume of DNA and fingerprints of non-convicted people would have to be deleted by the police.

“In order to mitigate any risk that the deletion of this material could undermine the investigation of unsolved Troubles-related deaths in Northern Ireland, a form of statutory provision will be required to provide a lawful basis for deleted material to be retained and used for the purpose of legacy investigations,” write the commissioners.

A new Information Recovery Body has been proposed for the region.

Ultimately, Sampson and Plastow argue the issues are too complex and jurisdictional variation too great for an overall “super regulator” that attempts to offer both statutory and regulatory functions.

Meanwhile Welsh police trial facial recognition via phone app for faster arrests

The South Wales Police are pioneering with biometrics again, this time alongside their colleagues at Gwent Police. Seventy officers will use a system called Operator Initiated Facial Recognition to confirm the identity of a wanted suspect without the need to go back to a police station, reports Police Professional.

A mobile phone app allows the officer to photograph a person to compare it to the police database.

“When dealing with a person of interest during their patrols in our communities, officers will be able to access instant information allowing them to identify whether the person stopped is, or is not, the person they need to speak to, without having to return to a police station,” Assistant Chief Constable Ian Roberts of Gwent Police is quoted as saying.

Consent is not necessary, reminds South Wales police and crime commissioner, Alun Michael: “It’s important to remember that police officers have always been able to spot a person who is wanted for a crime and stop them in the street. The difference with the use of this technology is simply the speed and accuracy with which the individual can be identified and arrested and the speed with which a person who is not wanted by the police can be allowed to go on their way.”

Also: “This tool can also provide identification of someone who is unconscious or seriously injured and unable to communicate who they are,” said Roberts.

The system’s name ‘Operator Initiated’ could have been chosen to calm concerns that the force is embarking once again in unlawful automated facial recognition. South Wales Police were heavily criticized for deploying facial recognition at a football match, capturing facial images without consent for automatic public identification. The UK Court of Appeal found such uses to have been unlawful.

Article Topics

 |   |   |   |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Will Scotland be the first nation to pass primary legislation covering live FRT?

The Scottish privacy commissioner continues to express consternation over the potential use of live facial recognition by Police Scotland. Meanwhile,…

 

France Identité app launches sandbox for iOS, proves age check privacy bona fides

France Identité, the French government’s mobile app for digital identity verification, has made its sandbox build available in iOS. Writing…

 

Digital ID success at scale hinges on tech, governance, adoption: IN Groupe

A study by French identity provider IN Groupe has established that digital identity systems succeed at scale only when countries…

 

New book makes case for DPI as fully integrated ecosystem

Digital development specialist Pedro Tavares has published a book that outlines how governments can successfully build digital states with digital…

 

Agentic AI pushes financial sector toward continuous identity

Agentic AI is forcing a rethink of identity and authentication in payments, as systems designed for human approval struggle to…

 

New Reality Defender Ethics Committee not mere theater, says CEO

“Most ethics committees are theater. This is not one of those.” So begins a new post from Reality Defender CEO…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events