Thursday

18th Aug 2022

EU considers new rules on facial recognition

  • Security forces have been using the technology for years (Photo: mw238)

The European Commission is exploring stricter rules for facial recognition technology, senior EU officials have told the Financial Times. 

European citizens would be given the right to "know when [facial recognition] data is used," with any exceptions "tightly circumscribed" to ensure the appropriate use, they said.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

However, there is a discussion on whether new rules are necessary, as the legal framework might already be there under the bloc's General Data Protection Regulation (GDPR). 

The GDPR was adopted on April 2016 and took effect in May 2018.

Facial recognition data is considered "biometric data", which is a special category of personal data resulting from the technical processing of physical, physiological, or behavioural characteristics.

According to GDPR, the processing of "biometric data" to identify a person requires explicit consent from the person whose data is being collected.

That excluded data used for national security, according to Diego Naranjo, an advocate at European Digital Rights (EDRi), a Brussels-based nonprofit.

But "we have to think, as a society, if this type of technology is needed for the objective that is being used because at the end it constitutes a very serious invasion of citizen's privacy," he added.

Police and security forces have used this type of technology for a long time.

Tech companies are also increasingly using it, with Facebook automatically suggesting that you tag friends in pictures, while Apple's face-scanning software unlocks phones without pressing a button.

Not everyone is convinced new rules are needed, however.

Experts' opinion

Ursula von der Leyen, the incoming president of the European Commission, said in July that she wants "to put forward legislation for a co-ordinated European approach" on the human and ethical implications of AI.

However, EDRi said in a statement on July 22 it would take a long time "to formulate a meaningful and future-proof piece of legislation on this topic".

Doru Peter Frantescu, a member of the EU forum European AI Alliance, also said the solution was not "more and more regulation" but "investing more and more in education of the citizens".

"We are still to properly evaluate the effects of GDPR on Europe's growth, I think it is too early to come up with yet another regulatory layer," he added.

Assuming that citizens understand how AI and technology in general works and how it is implemented in our society, "then these citizens will be able to distinguish for themselves the situations when AI is an opportunity for them from those situations in which indeed AI is a threat," said Frantescu.

"If we have a high level of awareness among the public, then the citizens will become contributors to growing Europe's digitalisation. If instead, they are being driven into thinking that AI is mainly a threat, then we undermine our competitiveness and with it Europe's role on the global stage," he added. 

Commission's perspective

In June, the EU's high-level expert group on AI put forward a set of recommendations and ethical principles for the use of these technologies, including facial recognition.

According to commission spokeswomen Natasha Bertaud, "these [recommendations] are currently being tested".

The experts appointed by the commission indicated examining the need for new regulation to address the critical concerns listed in the Ethics Guidelines for Trustworthy AI. 

One of the critical concerns listed in the document is the "automatic identification [of individuals]" because "it raises strong concerns of both a legal and ethical nature".

"Individuals should not be subject to unjustified personal, physical or mental tracking or identification, profiling and nudging through AI powered methods of biometric recognition such as: emotional tracking, empathic media, DNA, iris, and behavioural identification, affect recognition, voice, and facial recognition and the recognition of micro-expressions," the expert group said.

Application of facial recognition technologies "must be clearly warranted in existing law," where the legal basis for such activity should be the consent of the data subject, it added.

Eight EU states miss artificial intelligence deadline

Pan-European strategy "encouraged" member states to publish national artificial intelligence strategies by mid-2019. Germany, France and the UK have already done so - others are lagging behind.

GDPR - a global 'gold standard'?

The new EU privacy rules are touted as a global 'gold standard' - but Mexico's former data commissioner warns some nations are far from ready.

EU warned over fast-tracking facial recognition

A new report of the European Agency for Fundamental Rights calls for "a clear legal framework" to regulate facial recognition technologies, saying that collecting facial images of individuals without their consent can harm people's dignity.

AI skewed to young, male, and western EU, report warns

A new study reveals the current market ecosystem for artificial intelligence (AI) in Europe is uneven across both gender and demographic lines - raising new demographic concerns for the incoming AI legislation of the new commission.

Commission plan allows police to shoot suspects in other EU states

Although only a recommendation, the latest proposal on police cooperation would allow them to arrest - or shoot, if necessary - suspects in other EU states. The EU Commission also seeks to automate sharing of facial-recognition images by police.

Opinion

The Digital Services Act — a case-study in keeping public in dark

Companies and lobby groups like Spotify, Google and International Federation of the Phonographic Industry (IFPI) were able to lobby member states using live knowledge of the trilogue discussions on content-ranking systems, advertising and liability for search engines.

Stakeholder

The CPDP conference wants multidisciplinary digital future

During the Computers, Privacy and Data Protection (CPDP) conference, many high-level discussions will touch upon the dynamics of decision-making in the design of new technologies, including the importance of inclusion, diversity, and ethics perspectives within these processes.

News in Brief

  1. UN chief meets Zelensky and Erdogan over grain exports
  2. Fighting stalls ahead of UN visit, Ukraine says
  3. German chancellor to face MPs over tax-fraud probe
  4. Norway wealth fund makes record €171bn loss
  5. German utility firm Uniper on 'brink of insolvency'
  6. ECB mulls big interest rate hike amid recession risk
  7. Germany unlikely to hit November gas-storage target
  8. Mali accuses France of arming Islamist fighters

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic prime ministers: “We will deepen co-operation on defence”
  2. EFBWW – EFBH – FETBBConstruction workers can check wages and working conditions in 36 countries
  3. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  4. European Centre for Press and Media FreedomEuropean Anti-SLAPP Conference 2022
  5. Nordic Council of MinistersNordic ministers write to EU about new food labelling
  6. Nordic Council of MinistersEmerging journalists from the Nordics and Canada report the facts of the climate crisis

Latest News

  1. Serbia expects difficult talks with Kosovo at EU meeting
  2. How scary is threat to Ukraine's Zaporizhzhia nuclear plant?
  3. Slovakia's government stares into the abyss
  4. Finland restricts Russian tourist visas
  5. Conditions met for German nuclear extension, officials say
  6. A year of Taliban — only aid is keeping Afghan kids alive
  7. Is this strange summer a moment of change?
  8. Germany rejects visa ban for Russian tourists

Join EUobserver

Support quality EU news

Join us