Case Studies

Biometrics Commissioner report

by Mark Rowe

There is no specific statutory framework, other than data protection, to provide governance for police use of new biometrics, says the Biometrics Commissioner in his annual report to the Home Secretary. The report calls for clear rules for police use of new biometrics, not left to the police; ‘a public interest case requires a public answer’.

In a foreword to his report, the fifth by the Commissioner – full title, the Commissioner for the Retention and Use of Biometric Material – Paul Wiles complains that ‘the all dominating Brexit focus of Westminster has marginalised this among many other issues’. He noted the legal challenge to Home Office-funded trials by South Wales Police and the Metropolitan Police. He adds: “We shall have to await the court judgments, but these cases are probably only the first challenges to the police use of new biometric technologies in trials. Actual deployment of new biometric technologies may lead to more legal challenges unless Parliament provides a clear, specific legal framework for the police use of new biometrics as they did in the case of DNA and fingerprints.”

Widespread surveillance, even against a local watch list, is a significant intrusion into the privacy of all those scanned, according to Wiles.

According to the report: “Legislation failing to keep up with the pace of technical change in data use does not just apply to biometric data. Legislators around the world have spent the last year playing catch-up with the implications of global tech companies collecting huge person-centred databases and developing the analytic tools to exploit the data.”

Paul Wiles describes the present situation as ‘somewhat chaotic’ and adds: “However, the more strategic question is whether the public will retain their confidence in the police use of biometrics if the important issue of proportionality has not been decided independently, by our elected representatives, rather than the police themselves.”

The report commended some policing bodies for approaching the office, ‘seeking guidance’, because they are starting trials of new biometric technologies and want to know rules or a governance framework.

The post was set up under the Protection of Freedoms Act 2012 (PoFA) to govern the police use of fingerprints and DNA but as the report points out, since PoFA was passed ‘there has been a very rapid growth in the availability and utility of other biometric technologies’. Facial image matching by the police may involve the use of public-facing CCTV systems. Such systems are subject to the Surveillance Camera Code of Practice drawn up by the Surveillance Camera Commissioner, Tony Porter, another role created by the PoFA.

For the report in full visit https://www.gov.uk/government/publications/biometrics-commissioner-annual-report-2018.

For the Government response to the report click here.

Comment

David Emm, Principal Security Researcher at cyber firm Kaspersky said: “Whilst it’s important that police forces should be equipped with the necessary tools to make our society safer, the use of biometrics is clearly a grey area. Technology develops very quickly; and legislation doesn’t always keep pace. We support the call for strict regulation and processes to be in place before facial recognition technology is routinely used by the police. Even the trailing of fingerprints and other biometrics should be carefully controlled. In today’s society, there is an inevitable need for enhanced security; but if misused, such technology can be used to undermine personal privacy. Essentially, it raises the question: how much surveillance is too much? There is a huge question to be answered around whether public safety outweighs our right to privacy, or where exactly the balance between the two lies. So, it is imperative that strict guidelines are in place.

“This also raises the question of: where facial recognition data will be stored and who is able to access it. Like all data, it will be of value and therefore desired by cybercriminals. It will present real problems if it is hacked; we can change our passwords but we can’t change our facial or other physical features. At this stage, it seems sensible to assess how exactly how this technology could, and should, be used before unleashing it on the unsuspecting public.”

Picture by Mark Rowe; street art.

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing