Britain’s Biometrics and Surveillance Camera Commissioner is praising the UK government for scrapping a plan that would have moved some police oversight responsibilities to the Information Commissioner’s Office (ICO). The government had tabled the possibility of shifting DNA and fingerprint technology to the ICO’s portfolio at the tail and of 2021, though Biometrics and Surveillance Commissioner Fraser Sampson publicly opposed the scheme, largely because he felt that the ICO’s data privacy mandate did not adequately encompass the unique nature of biometric technologies.
The government now seems to agree with that assessment, at least to the extent that it has taken Sampson’s opinion into account while rendering its decision. The ICO will not be asked to regulate the police use of DNA and fingerprint tech, leaving that in the hands of Sampson’s office for the time being.
However, the government is still trying to simplify some of its regulatory infrastructure, and Sampson indicated that he is willing to continue that conversation. He specifically noted that a similar proposal to move fingerprints and DNA to the Investigatory Powers Commissioner would make more sense, since there is more overlap between that office and his own.
Sampson also stressed that the government will need to do a better job of defining biometrics as it relates to the police service. At the moment, the term only covers fingerprints and DNA, and therefore leaves out a number of technologies – including face and iris recognition – that are becoming increasingly popular with law enforcement. He noted that the public is becoming more wary of surveillance tech, and that biometric solutions need to be regulated in such a way that takes that sentiment into account.
“The acid test for any framework for the police use of biometric and overt surveillance technology will be how far it allows us to know that their technical capabilities (what is possible) are only being used for legitimate, authorised purposes (what is permissible) and in a way that the affected community is prepared to support (what is acceptable),” wrote Sampson in a statement.
Sampson also suggested that the UK’s regulatory framework would need a way to ensure trust with the private sector, since businesses are the ones developing most of the biometric technology that is now being deployed. In that regard, Sampson believes that private organizations should be able to show that they meet certain security and ethical best practices. Sampson has encouraged the UK to blacklist Chinese companies like Hikvision for failing to meet that standard.
June 20, 2022 – by Eric Weiss