German lawmakers call for bans on biometric surveillance

German lawmakers are calling for a ban on biometric surveillance and accusing the German police of handing over sensitive biometric data for commercial purposes as criticism piles over the secretive use of a real-time facial recognition system by German law enforcement.

The German Federal Parliament is currently discussing a draft law aiming to amend the Federal Data Protection Act (BDSG), presenting a window of opportunity to regulate biometric surveillance in public spaces.

Among those calling for the inclusion of the ban at a Bundestag hearing this week was Matthias Marx from the Chaos Computer Club (CCC), Europe’s largest association of hackers and Simone Ruf from the non-governmental organization GFF (Gesellschaft für Freiheitsrechte, i.e. Society for Civil Rights), according to Geman media outlet Heise.

The call for a ban comes after a parliamentary inquiry uncovered earlier this year that the police in the German eastern State of Saxony were using live facial recognition to track suspects called the Personal Identification System (PerIS). In June, Saxony’s data protection office said that the use of the system could be unconstitutional with the agency now considering an investigation into the Saxon Ministry of the Interior.

Marx pointed out that the same technology used by the Saxon police has also been secretly used in other areas, including North Rhine-Westphalia, Brandenburg, Baden-Württemberg, Berlin and Lower Saxony.

The lawmaker also claims that the Federal Criminal Police Office (BKA) has made facial images of around three million people from the Joint Electronic Information System (INPOL) database available to the Fraunhofer Institute for Computer Graphics Research. The data from the German police database was obtained to conduct market research into facial recognition systems without the knowledge of the data protection authorities or legal basis, according to Marx.

“The Chaos Computer Club demands that fines and coercive measures can also be imposed on authorities and other public bodies for data protection violations,” he says.

Ruf highlighted that the Federal Data Protection Act would be well-suited for banning data processing from biometric remote identification systems in public spaces. It already holds regulations for biometric data processing and applies to private companies, public bodies of the federal government and, provisionally, those of the federal states.

“The use of such systems is associated with enormous risks and dangers for fundamental and human rights and cannot contribute to effective police work given the continued high susceptibility to errors and the discriminatory effects of these systems,” Ruf says in a statement.

Article Topics

biometric identification  |  biometrics  |  Chaos Computer Club  |  data protection  |  facial recognition  |  Federal Data Protection Act (BDSG)  |  Germany  |  legislation