The Mayor of London has
recently written to the owners of a 67 acre site in Kings Cross London
regarding their use of facial recognition technology.

Live facial recognition
(LFR) involves the processing of personal data; the biometric data of a large number
of people is captured and screened against a database to identify people of
interest.  It has significant data
protection and privacy implications. This is a high priority area for the ICO;
it is currently investigating its use by the police and has intervened in the
case of R (Bridges) v Chief Constable of South Wales Police relating to whether
the use of LFR by the police is lawful. The ICO has indicated that once
judgment in this case is given it will report on the findings of its
investigation and set out what action needs to be taken. This will also have
implications for private companies.

It’s not just the police
that are the subject of the ICO’s focus; it is also considering the use of LFR
in public spaces by private companies, just as in Kings Cross. The Information
Commissioner has given guidance for police forces considering LFR which
includes carrying out data protection impact assessments and ensuring the
algorithms within the software do not treat the race or sex of individuals
unfairly. The same considerations apply to private companies who will also have
to identify the lawful basis upon which they rely to process the personal data. 

The ICO has stated
that it will consider regulatory action where it finds non-compliance. With the
ICO having power to fine companies up to 4% of their worldwide annual turnover
and given that this is an area which is under scrutiny, private companies using
LFR or considering its use must ensure that they meet their data protection compliance
obligations.

The post Title is Data Protection and Facial Recognition appeared first on Pannone Corporate.