ICO reminds police to follow data protection rules when using facial recognition

A blog article by Emily Keaney, Deputy Commissioner for Regulatory Policy at the Information Commissioner's Office (ICO), explains why data protection is the foundation of responsible police use of facial recognition technology (FRT).

Keaney writes that for the public in England and Wales to maintain trust in these systems, police forces must ensure they do not jeopardise civil liberties. New ICO research highlights that the public's primary concerns regarding the regulation of FRT include accuracy, proper officer training, and safeguards against bias.

The ICO plans to publish an outcomes report later this year to share learnings across all UK forces. The regulator maintains that successful implementation of FRT depends on strong governance, including clear policies, defined roles, and lawful data handling processes. Furthermore, forces are expected to conduct routine testing for discriminatory outcomes that may arise from technology design, training data, or watchlist composition. The ICO's core message is that data protection laws provide essential safeguards for proportionality and human rights, and that any future regulatory regimes should build on these foundations rather than replace them.

Training Announcement: Freevacy offers a range of independent data protection qualifications from IAPP and BCS. Our certified courses are available at foundation and practitioner levels and cover multiple legal jurisdictions, data protection operations management, and the implementation of complex privacy solutions in technical environments. Find out more.