Skip to main content
Menu
biometric data, report, biometric

'Governance gap' in use of biometric data must be fixed

7 March 2015

Image of UK Parliament portcullis

The Government has failed to respond strategically to the growing use of biometric data, leaving a governance gap that has allowed the police to begin collecting certain biometric data without proper oversight, the Science and Technology Committee has warned.

Andrew Miller MP, Chair of the Committee said:

"As we struggle to remember ever more passwords and pin numbers in everyday life, the potential benefits of using biometric technologies to verify identity are obvious. However, biometrics also introduce risks and raise important ethical and legal questions relating to privacy and autonomy.

We are not against the police using biometric technologies like facial recognition software to combat crime and terrorism. But we were alarmed to discover that the police have begun uploading custody photographs of people to the Police National Database and using facial recognition software without any regulatory oversight—some of the people had not even been charged."

The Biometrics Commissioner told the inquiry that the police were uploading photographs taken in custody, including images of people not subsequently charged with, or convicted of, a crime, to the Police National Database and applying facial recognition software. The Information Commissioner’s Office clarified that the Protection of Freedoms Act 2012 did not extend to photographs and that there was no specific legislation covering their retention or use by the police. The MPs are concerned that this gap in the legislation has persisted, despite being known to both the police and the Government, and have recommended that the statutory responsibilities of the Biometrics Commissioner be extended to cover the police use and retention of facial images.

The need for a strategic approach

The Committee argues that both effective regulation and a clear strategy are urgently required if biometric technologies are to be successfully exploited and their risks minimised. The Government’s ongoing failure to publish a biometrics strategy was found to have detrimental effects on aspects of the governance of biometrics and has left a clear gap in legislation.

Andrew Miller MP added:

"Management of both the risks and benefits of biometrics should have been at the core of the Government’s joint forensics and biometrics strategy. In 2013, my Committee was told by the Government to expect the publication of a strategy by the end of the year. We were therefore dismayed to find that, in 2015, there is still no Government strategy, no consensus on what it should include, and no expectation that it will be published in this Parliament."

Future trends

The report identifies three future trends in the application of biometrics: the expansion of unsupervised biometric systems, accessed via mobile devices, which verify identity; the proliferation of “second-generation” biometric technologies that can authenticate individuals covertly; and the linking of biometric data with other types of ‘big data’ as part of efforts to profile individuals.

It also points to the growing use of biometric identification systems by the state, particularly in immigration and law enforcement. Despite this growth, the Committee found that the Government had been largely silent on the matter since the abolition of the Government’s Identity Card Programme in 2010 and had failed to engage in a full and frank public debate about biometrics. MPs have called on the Government to reverse this trend and set out plans to facilitate an open, public dialogue around the use of biometrics.

Background

Biometrics is the measurement and analysis of a biological characteristic (fingerprints, iris patterns, retinas, face or hand geometry) or a behavioural characteristic (voice, gait or signature). Biometric technologies use these characteristics to identify individuals automatically. Unlike identity documents or passwords, biometrics cannot be lost or forgotten since they are a part of the user and are always present at the time of identification. They are also difficult, though not impossible, to forge or share. In the UK, the Office of the Biometrics Commissioner is responsible for keeping under review the retention and use by the police of DNA samples, DNA profiles and fingerprints.

Further information