Facial recognition guidelines are good. A new UK guide is not, say privacy advocates

An influential police association in the United Kingdom has published voluntary guidelines for using live facial recognition — something privacy advocates globally have demanded. But it is not the guidance some of them were hoping for.

After seeking public comment on the guide a year ago, the College of Policing posted the report this week. It is a detailed examination of the technology and practices involved in tracking live face biometrics, one of the most contentious applications of the AI algorithms.

Proposed guidelines are not hard to come by, however most tend to be very specific or too conceptual.

The ability for a government agency (or almost any other organization) to turn on a camera pointed at foot traffic and begin sifting through the faces disturbs not only liberal-leaning privacy advocates but also conservative-leaning small-government activists.

Much of the guide focuses on fine points, such as the process agencies should follow for the stand-alone deployment of live facial recognition systems and operations, and how to document each aspect of a deployment.

But of particular note in the guide, which pertains specifically to police agencies in England and Wales, is the spectrum of people in public who can be placed on a watch list, included in the system to identify certain people on sight.

Some categories of people are obvious — anyone wanted by a judge or suspected of a crime. But an authorizing officer, under the guidelines, could add the face biometrics of a person deemed at risk of hurting themselves.

Trickier still, the “victim of an offence or a person who the police have reasonable grounds to suspect would have information of importance and relevance to progress an investigation.” A “close associate” of someone added to a watch list can be considered for inclusion, too, according to the association.

The makeup of the watchlist, the need for a data protection impact assessment and bias protections, and policy guidance for each element were identified as shortcomings when a previous live facial recognition deployment by South Wales Police was declared unlawful.

The guideline calls for authorizing officers to show that inclusion is proportional to the need: How deep is a person’s stated need for privacy? How important of a suspect is the person sought? Are there better, less intrusive avenues in searching for a suspect?

The association also recommends that authorizing officers to consider the expectation of privacy a member of the public might have where a camera is in use. The expectations would not automatically rule out deployment, even at demonstrations, churches, polling places and hospitals, but could result in a change of tactics.

It all sounds like loopholes to at least some privacy advocates.

An article in WalesOnline, some activists quoted said that the guidelines already document mission creep compared to earlier operations and trial balloons. Nor do the recommendations tackle concern that facial recognition is a solution in search of a problem, or that the technology has not made communities safer, they told the publication.

Article Topics

biometric identification  |  biometrics  |  criminal ID  |  data protection  |  facial recognition  |  police  |  privacy  |  real-time biometrics  |  UK  |  Wales