VeriFi EIDOS

12.4 Biometric Recognition Technology

12.4.1 Facial Recognition Technology (FRT) Surveillance automatically compares CCTV images of individuals with images of persons of interest held in a secure database, matches are flagged up to operatives for verification as a confirmed match before being held in archive for subsequent retrieval. FRT is considered a very invasive form of data processing it is imperative that a Privacy Impact Assessment is undertaken as part of the decision making process in considering the adoption off FRT.

“Scanning people’s faces as they lawfully go about their daily lives, in order to identify them, is a potential threat to privacy that should concern us all. That is especially the case if it is done without people’s knowledge or understanding”

– Elizabeth Denham – Information Commissioner

12.4.1.1 Code of PracticeHaving regard for the lack of practical advice or a Code of Practice from either the ICO or The Surveillance Camera Commissioners Office, the following guidance is offered for general interest only as part of a decision making process that must include Privacy Impact and Legitimate Interest Assessments.

12.4.1.2 ScopeThe use of FRT should only be considered for the purpose of identifying persons believed to be responsible for antisocial behaviour, criminal activities, hostile reconnaissance, and for missing persons. Before entering images into the persons of interest database it must be recorded in writing how the person has demonstrated such behaviour and activity.

12.4.1.3 JustificationThe decision to enter a person’s image into the database must be documented and agreed by the data controller in consultation with (as applicable) law enforcement agencies and government intelligence agencies.

12.4.1.4 Image QualityAll images must be of sufficient quality so as to reduce the possibility of false matches being flagged by the system.

12.4.1.5 ReviewImages of suspect subjects held on the database shall be routinely reviewed and permanently deleted when retention can no longer be reasonably justified.

12.4.1.6 Right to be InformedIn extremely limited circumstances it may be possible to operate FRT covertly, i.e. without referring to its use in the data controller’s Privacy Policy and signage. The feasibility of this approach should be assessed very carefully having taken specialist advice. Generally, however, notifying visitors that a facial recognition system is in operation is recommended, and may itself deter crime. As such, signage should refer to this fact (see section 15 – G13)

12.4.1.7 Subject Access Request refer to section 8.1.

12.4.1.8 Consentdue to the lawful purpose of this processing consent would not be required.

12.4.1.9 Archive Retentiononly confirmed matches are retained by the system. A 30 day archive is typically held and then automatically deleted. Confirmed matches may be retained for the purpose of an ongoing police investigation until marked as no longer required, at which point they are archived subject to automatic deletion after 30 days.

12.4.1.10 Privacyaccess to recordings shall be password protected and managed on computer devices identified by unique reference numbers logged in a Controlled Data Register. The recording must be deleted at the end of the archive period.

12 4.1.11 Processto be documented in an activity log on a case by case basis.

12.4.2 Body Temperature Fever Scanning (BTFS)

Dedicated cameras scan the body temperatures of individuals present within mass numbers of people entering an area, these temperatures are compared with the norm and any exceptions are flagged for immediate validation by a nominated person, normally a member of the security team using a non contact thermometer.

The fundamental purpose of BTFS is to identify individuals with abnormal temperature, inform them that their body temperature is indicative of COVID19 and request that they leave the building.

Provided that no Personal Data or Images are committed to writing or stored in a filing system (for any amount of time or in any format), the live monitoring of body temperatures will not fall under Data Protection Legislation.

It would be good practice to inform that Body Temperature Fever Scanning is taking place by means of prominent signage located at the point of entry.

Guidance and regulations relating to the COVID-19 pandemic are changing rapidly. You should keep this regulatory area under regular review.

12.4.3 Biometric Access ControlRefer to 12.9

In commercial property access control applications the norm is to provide NFC cards or tokens rather than use of Biometrics, however fingerprint recognition is the more acceptable choice as opposed to facial recognition technology or retina scanning.

Biometric data must be converted into code at the point of capture and no biometric images retained or otherwise stored in the database. Furthermore, it should not be possible to recreate the biometric data from code. For the avoidance of doubt, the advice of the manufacture should be sought in relation to the data compliance of its processing methods.

You should ensure that individuals whose data is entered to this system are made aware of your operational process, the following template provides useful guidance.