On 28 January 2021, the Council of Europe published new guidelines on the application of data protection principles to the use of facial recognition technologies. The guidelines were prepared by the Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108).
As noted in the guidelines: “Integrating facial recognition technologies to existing surveillance systems poses a serious risk to the rights to privacy and protection of personal data as well as to other fundamental rights since the uses of these technologies do not always require the awareness or cooperation of the individuals whose biometric data is processed, considering for instance the possibility of accessing digital images of individuals on the Internet.”
Accordingly, the guidelines provide a set of reference measures that governments, facial recognition developers, manufacturers, service providers and entities using facial recognition technologies should follow and apply to ensure that they do not adversely affect the human dignity, human rights and fundamental freedoms of any person, including the right to personal data protection.
The guidelines are set out as follows:
- Part I: Guidelines for legislators and decision-makers;
- Part II: Guidelines for developers, manufacturers and service providers;
- Part III: Guidelines for entities using facial recognition technologies; and
- Part IV: Rights of data subjects.
The guidelines are accessible here.
Please note: The information contained in this note is for general guidance on matters of interest, and does not constitute legal advice. For any enquiries, please contact us at [email protected].