The College of Policing in the UK has published authorised professional practice for police forces in England and Wales take a consistent approach when using technology to find someone sought by the police. The guidance also provides a clear legal and ethical framework for its use, the College says.
This follows the legal case of Bridges versus South Wales Police which reached an Appeal Court judgment in August 2020 – it’s among the laws and regulations cited in this new guidance – that found that police force’s use of live facial recognition (LFR) had ben in breach of privacy, data protection and privacy laws. Among what the guidance explicitly does not cover is use of automation by the private sector.
To freely read the document visit the College of Policing website. Among its guidance, it suggests that a chief officer should be designated senior responsible owner (SRO) with responsibility for overseeing the strategic management of LFR.
When LFR is used to locate those on a watch-list and there is no match with a person on the watch-list on passing the LFR system, the biometric template created by the facial recognition technology should be instantaneously (or near instantaneously) and automatically deleted, without need for any human intervention. False positive alerts should be deleted as soon as possible and in any event within 31 days.
Comment
Simon Randall, CEO at Pimloc, a video privacy and security company described the new guidance as troubling. “This isn’t simply a matter of “catch the bad guys” – measures like this have the potential of gathering vast amounts of private data on anyone and everyone without important human context. It raises serious questions not only in the handling and use of this data, but in the performance of AI technology used to help determine action.
“The right to privacy and the need for greater security measures are intrinsically linked, and personal freedoms must play a vital role in how we deploy technology and establish its legality. This is a powerful technology which could be a real asset to national security. But if we get this wrong now, it will be much more challenging to deploy in an effective way down the line.
“The UK’s GDPR laws have always been heralded, and we’re seeing how these are beginning to reverberate across Europe – and further afield. But the open use of live facial recognition technology in this way feels like a misstep and one which could quickly become out of the public’s control of their very own data.”
Photo by Mark Rowe; street art, shop shutters.
