UK ICO plans guidance to build public confidence in AI, biometrics deployments

The UK Information Commissioner’s Office says in a response to government inquiries that it is making progress on the AI and biometrics strategy released last June. A code of practice, guidance for businesses, government bodies and the public and refreshed innovation initiatives are all incoming over the next year.

The ICO’s letter to the Secretaries of State on AI argues that its role in the domestic development of the technology is to inspire confidence in its responsible deployment.

The UK’s Technology Secretary and the Business Secretary wrote the ICO jointly in January of 2026 to request the publication of a plan to enable safe AI-driven innovation by the end of May.

The letter, addressed to Secretaries of State for Science, Innovation and Technology Liz Kendall and Business and Trade Peter Kyle, does not address biometrics explicitly, aside from  .

The ICO is currently developing an update to the AI plan for the 2026-2027 year, with two goals. One is to ensure the public confidence in how AI systems use personal data and in their “agency, choice and control” over that use. The other is to communicate clearly what is expected of organizations deploying AI to meet their legal data protection obligations.

To that end, the ICO will develop a statutory code of practice for AI and automated decision-making (ADM), listen to consumer concerns about personalization of AI services and produce a “how to” guide in the style of green cross code to help the public make informed decisions. The regulator will publish transparency guidance for organizations, particularly SMEs and public sector bodies, to help them comply with data protection obligations, publish guidance on agentic AI systems and UK GDPR and introduce rebranded and streamlined innovation and sandbox services.

A Tech Futures report from the ICO laid out the regulator’s approach to fostering responsible AI agent use earlier this year. At the same time the Office is engaged in specific applications of AI and biometrics, like the UK’s online safety and age assurance regulations.

Progress on the above initiatives will be included in the ICO’s quarterly reports.

Article Topics

biometrics  |  explainability  |  facial recognition  |  Information Commissioner’s Office (ICO)  |  responsible AI