A New Zealand government position paper on biometrics regulation is an antidote to privacy advocates around the world despairing that policy makers will never move past anodyne lists of principles.
The 17-page document, from the nation’s privacy commissioner, goes into surprising details related to the who, how, what and why of biometrics governance. A good example is the direction given to agencies for privacy impact assessments.
A much narrower effort to regulate biometric is out for public comment in Canada.
There still are more conditional statements (X should happen) throughout New Zealand’s position paper than many advocates would prefer. But it is far more useful than the outlines that are typically published pertaining to a few obvious, high-level governance concepts.
Biometrics regulation is enshrined in New Zealand’s overarching Privacy Act, so the commissioner’s office has some solid ground to stand on. Biometrics regulations will apply to all agencies and private companies that are covered by the act.
As recently as this month, however, the country’s Civil Aviation Authority began a trial of face biometrics at Wellington Airport, against the judgment of the privacy commissioner. And a year ago, police officers were found to have been using facial recognition services without telling lawmakers.
The privacy commissioner “expects” that “all projects involving biometrics” will get privacy impact assessments.
Assessments will ask if data collection is even necessary for a project. They also will check if project managers have considered the sensitivity of biometric data to be used. Highly sensitive information requires tougher security standards.
Agencies also will have to demonstrate that their proposed use of biometrics is targeted and proportionate.
Closely related to that point is a requirement to make sure biometrics-involved projects do not have a disproportionate impact on indigenous Māori peoples.
And the assessment factors go on.
In the other hemisphere, Canadians have been asked for their opinions on how law enforcement — but no other agencies — can use facial recognition, according to IT World Canada.
Canada’s privacy commissioner wants feedback from the people who will be on the business end of facial recognition cameras. They have until October 15 to sound off, and then policies will be written.
Earlier this year, the commissioner’s office judged that the Royal Canadian Mounted Police had illegally used the face-matching service offered by Clearview AI.
biometric data | biometrics | Canada | data collection | data protection | ethics | facial recognition | legislation | New Zealand | privacy | regulation
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Continue Reading
Learn More
Copyright © 2022 Biometrics Research Group, Inc. All Rights Reserved.
Web Design by Studio1337