Facial recognition use in public spaces under the microscope in EAB event
The use of facial recognition in public spaces is one of the most controversial topics in the field of biometrics, and is being grappled with currently by regulators in several jurisdiction. The EAB, accordingly, held a workshop on the DATAFACE project carried out by Catherine Jasserand at the Center for IT& IP law (CiTiP) at KU Leuven over the last several years.
The DATAFACE project explores the impact of facial recognition deployed for surveillance purposes on rights to privacy and data protection, as enshrined in EU law. Impacts on other fundamental rights, as well the from biometrics used for identity verification, are out of scope.
Jasserand researched the topic for three years to inform her conclusions, supported by a grant under the Marie Skłodowska-Curie fellowship. She was originally inspired by experiments carried out by British law enforcement in 2018.
The project identifies trends in the use of facial recognition by public authorities at the country level, compares the technical function of facial recognition to the laws and regulations meant to restrain it, and analyzes the fundamental rights impact of the technology.
A look at developments over the past five years in the U.S., UK and France shows consistency largely in inconsistency. Local regulations in the United States do not apply to federal authorities, and some have been put in place only to be rolled back. UK police have resumed their experiments without an update to the legal framework supporting them, and France appears ready to use computer vision surveillance heavily for the 2024 Olympics, though not facial recognition.
The current state of public facial recognition
Following this introduction, Kiran Raja of NTNU broke down the state of the art in facial recognition, and Maša Galič of Vrije Universiteit Amsterdam explored the concept of public spaces.
Théodore Christakis of the Université Grenobles Alpes shared his research on different regulatory stances across Europe, and Merve Hickok of the Center for AI and Digital Policy in Washington reviewed the regulatory picture in the U.S.
Jasserand then discussed the treatment of public facial recognition in the EU’s AI Act, which covers the technology under the label “remote biometric identification systems.” European Parliament is set to vote on its latest draft proposal this week.
Ultimately, impact assessments for the AI Act have not demonstrated that public deployments of facial recognition meet the criteria for necessity, Jasserand concludes. Further, they have not demonstrated a lack of viable alternatives, or the effectiveness of the technology for realizing its stated purpose.
In the case of real-time facial recognition, mass surveillance is inevitable, Jasserand says, as data from all people passing through the system’s field of view would be processed. For retrospective deployments, recording must be constant in order for events to be investigated after the fact.
Whether such measures are acceptable is a legal question, but also a social and ethical one, Jasserand concludes.