UK data watchdog responds to govt consultation on police use of facial recognition

The UK’s Information Commissioner’s Office (ICO) wants clearer rules for law enforcement agencies using facial recognition technology (FRT) and other biometric tech that will build on – and not replace –  the country’s existing data protection laws, the personal data watchdog says in its newly published response to a Home Office consultation on the issue.​

The 10-week consultation was launched in December and aims to gather opinions on introducing a legal framework for police use of facial recognition and other biometric technologies.

“In our view, the most effective way of mitigating this risk is to set out in the legislation a greater level of specificity on the use of FRT and similar technologies in law enforcement,” says the government agency. “This would ensure that all relevant regulators are able to draw on clear, consistent and specific provisions for when and how these technologies should be used.”

For maximum benefit, the new framework should aim to cover as many relevant law enforcement use cases and technologies as possible, including missing persons cases, says the ICO. The regulation should also consider the range of ways police use biometric systems: In some cases, for instance, the police rely on databases from third parties, both public and private.

As part of the consultation, the Home Office is also seeking views on creating a “one-stop shop” regulator for the technology, which would include and build on the roles of the Biometric and Surveillance Camera Commissioner (BSCC) and Forensic Science Regulator (FSR).​

The ICO supports the move but believes that this would not remove its own role as a personal data regulator. The introduction of a new regulatory body should not duplicate responsibilities or bring conflicting requirements with existing data protection law.

“There is a risk that creating a new regulator introduces the potential for inconsistent or contradictory regulatory decisions being made by the different oversight bodies that will continue to have jurisdiction,” the agency notes.

Another important topic for the ICO is the EU adequacy risk. Regulatory changes could jeopardize the UK’s EU data adequacy status if the EU perceives that the UK is weakening its data protections. This could ultimately harm cross-border law enforcement cooperation, the agency notes.

The Home Office closed the consultations on Wednesday and is due to publish its results in the next 12 weeks.

Article Topics

biometrics  |  facial recognition  |  Information Commissioner’s Office (ICO)  |  law enforcement  |  live facial recognition  |  London Metropolitan Police