FB pixel

Scotland’s watchdog sends fresh warning over storing biometric data on Microsoft cloud

Categories Biometrics News  |  Law Enforcement
Scotland’s watchdog sends fresh warning over storing biometric data on Microsoft cloud
 

Scotland’s data protection watchdog has requested that the Scottish police assess the security of storing biometric data on Microsoft’s servers.

Biometrics ­Commissioner Brian Plastow wants more information on a platform called Digital Evidence Sharing Capability (DESC). A pilot project, it is testing easier access by police and court employees to images, CCTV footage and other sensitive data used in court cases.

Plastow warned that storing sensitive data of UK citizens on a cloud server run by a United States company opens questions about U.S. government access to Scottish data. The DESC project is run by government contractor Axon and hosted on Microsoft’s Azure.

“Based on the information so far provided to me by Police Scotland, I am not satisfied that biometric data within the Scottish government DESC project is being properly protected from unauthorized access,” he told The Sunday Post.

According to the U.S. Cloud Act, federal law enforcement agencies can compel domestic companies to provide data stored on servers regardless of whether the data is owned by a firm based outside the U.S.

“In other words, there is a risk U.S. federal authorities could compel the technology supplier to surrender very sensitive Police Scotland data without their knowledge or consent,” says Plastow.

Similar concerns have dogged the Scottish Police Authority itself.

This could put the DESC pilot at odds with the UK data protection law and the Scottish Biometrics Commissioners Code of Practice, the commissioner says. The legality of the scheme is being reviewed by the UK’s information commissioner.

The Scottish police have said that digital evidence-sharing is limited and does not include fingerprint, bodycam or DNA evidence. The pilot is part of a £33 ­million (US$42 million) Scottish government initiative to transform how evidence is managed across the justice system.

This is not the first time Plastow has sounded an alarm over stored biometric data. Earlier this year, after the commissioner found that the police had stored large amounts of biometric data from arrests on Microsoft servers, the Scottish Police Authority agreed to accept his recommendations. This included better protection of children’s data and increasing transparency and “right to information” for data subjects.

The Cloud Act and the question of U.S. government’s access to foreign citizens’ data is not only a concern in the UK. The US and the EU have spent months trying to reach a deal for the EU-U.S. data privacy framework with debates centering around concerns about U.S. spy agencies accessing Europeans’ private data. The mechanism is designed to safely transfer European Union citizens’ personal data to the United States, including biometric data.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

Governments still struggling to secure data. Zero-trust, passkeys could help

A digital data breach at the National Social Security Fund (CNPS) of Cameroon has resulted in the leak of citizens’…

 

Controversy surrounding police use of FRT in Denmark and Germany continues

In recent months, European nations have seen heightened debate over the use of facial recognition technology (FRT) by law enforcement,…

 

Privado ID merges with Disco to unify digital identity across Web2, Web3

Privado ID, formerly known as Polygon ID, has announced a merger with Disco, a company specializing in multichain verifiable data…

 

G20 ministers pledge AI transparency and digital inclusion with DPI at the core

At the G20 Digital Economy Ministers’ meeting held in Maceió, Brazil, on September 13, 2024, global leaders reaffirmed their commitment…

 

Spanish startup B-FY brings offline biometrics to US cloud authentication market

Spain-based biometrics startup B-FY has launched in the U.S. market, introducing its cloud-based identity verification and authentication software. B-FY’s technology…

 

Biometric payment cards from FPC and Infineon ready for mass production

Fingerprint Cards and Infineon Technologies have officially unveiled the complete package of biometric payment card technologies that Infineon previewed in…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events