Watchdog urges biometrics regulation in policing

A report has urged the government to introduce legislation to regulate the use of biometrics technologies in police forces as risks around privacy and public loss of confidence in the technology increase.

In his annual report, biometrics commissioner Paul Wiles highlighted the dangers around ongoing biometrics deployments in policing without clear laws.

While “proportionality” of use of DNA and fingerprints was decided by Parliament, new capabilities – most notably facial recognition – still lack a specific statutory framework.

However, police forces are pushing ahead with public trials of these technologies. In some instances, such experiments, which are intended to assess the technology before going live, have seen individuals being questioned and even wrongly arrested. Such approaches to could lead to serious consequences, the commissioner noted.

“The strategic question is whether the public will retain their confidence in the police use of biometrics if the important issue of proportionality has not been decided independently, by our elected representatives, rather than the police themselves,” Wiles wrote in the 141-page report.

“It is difficult to see any body other than Parliament being the appropriate arbitrator of proportionality in respect of how the loss of privacy by citizens should be balanced against the exercise of a policing power,” he added.

However, Wiles argued that “there is a gap between the pace of development of biometrics and the ability of government to respond”.

The commissioner also noted the problems related to the development of biometric databases across government “without clear governance rules or an overall government strategy nor a clear, specific legislative framework”.

Examples of such databases are the applications under the Home Office Biometrics (HOB) programme, which includes two national biometrics systems providing fingerprints, DNA and facial matching.

According to the commissioner, more clarity and governance is needed around HOB programmes and the searching into police databases by other public bodies.

On the point of cross-departmental use of data, Wiles said he is “very concerned” about the Ministry of Defence carrying out searches into the police national fingerprint database without an agreed, clearly defined lawful basis.

“There is nothing inherently wrong with hosting a number of databases on a common data platform with logical separation to control and audit access, but unless the governance rules underlying these separations are developed soon then there are clear risks of abuse,” Wiles said.

The commissioner noted that rules to govern the use of biometrics in police forces could be a long way off, given the current government focus on Brexit.

“Home Office ministers currently show no sign of proposing a new legislative framework with specific rules to govern the police use of new biometrics in England and Wales,” he said.

“I do not know whether this is because they disagree with the need for such legislation or whether this is just another casualty of the need to focus on Brexit matters.”

The UK biometrics strategy was launched in 2018 and has been criticised for not providing a detailed and coherent strategy or governance framework.

The Home Office released a response to the commissioner’s report, stating that it is working on improving governance and oversight arrangements around biometrics, in particular when it comes to emerging innovations.

In the response, countering extremism minister Susan Williams said the government welcomes the debate around public safety and privacy around use of biometrics and that the Home Office will soon provide an update of the work to simplify and extend biometrics governance.

Williams also stated that the Home Office is working to address the issue of access rules for biometrics databases involving data from various agencies on the same platform, such as police and immigration fingerprints, through governance work and under HOB.

Despite his criticisms to the current approach to biometric governance, Wiles was complimentary of a new proof of concept, the National Data Analytics Solutions (NDAS) funded by the Home Office, which is aimed at using data analytics and machine learning to get better insights from police data.

“I have been impressed with how carefully the present NDAS programme has thought through how such analytics should be used, especially the danger of bias and what limitations there should be on the use of any predictions which relate to the risk presented by an individual,” Wiles said.