UK policing minister Chris Philp is pressing for facial-recognition technology to be rolled out by police forces across England and Wales, and will likely push to integrate the tech with police body-worn video cameras.
According to a report co-authored by academics Pete Fussey and William Webster on behalf of Fraser Sampson – the biometrics and surveillance camera commissioner for England and Wales – Philp expressed his desire to expand the use of facial-recognition systems in policing during a closed-door meeting.
While the report – an interim copy of which has been seen by Computer Weekly – was conducted independently of Sampson’s office, the commissioner told Fussey and Webster that he felt it was “extremely likely” that the embedding of facial recognition in policing would also include “exploring integration of this technology with police body-worn video”.
It further noted there is significant public concern over the police’s use of facial recognition, and that a number of other experts and public bodies have been calling for more detailed rules for deployers of the technology.
This includes a House of Lords inquiry into police use of advanced algorithmic technologies; the UK’s former biometrics commissioner, Paul Wiles; an independent legal review by Matthew Ryder QC; the UK’s Equalities and Human Rights Commission; and the House of Commons Science and Technology Committee, which called for a moratorium on live facial recognition (LFR) as far back as July 2019.
Most recently, in February 2023, Sampson also called for clear, comprehensive and coherent frameworks to regulate police use of artificial intelligence (AI) and biometrics in the UK.
However, the government has maintained that there is “already a comprehensive framework” in place. In January 2022, the then policing minister Kit Malthouse said because there is already a strong framework in place, any new policing tech should be tested in court, rather than legislated for, on the basis that new laws would “stifle innovation”.
As it stands, South Wales Police and the Metropolitan Police Service are the only forces in England and Wales to have deployed LFR so far, with the latter spending 2022 ramping up its use of the technology despite ongoing concerns about the proportionality and necessity of the technology, as well as its impact on vulnerable or marginalised communities.
In April 2023, both forces doubled down on their use of LFR technology after research they commissioned found “substantial improvement” in the accuracy of their systems when using certain settings.
Responding to the claim that it intends to push for a wider roll out of facial recognition, the Home Office said: “The government is committed to empower the police to use new technologies like facial recognition in a fair and proportionate way. Facial recognition plays a crucial role in helping the police tackle serious offences including murder, knife crime, rape, child sexual exploitation and terrorism.”
Computer Weekly also asked for figures on the number of people arrested for these offences as a result of facial recognition being used, but received no response.
Proposed data reforms reduce oversight
The overall report, however, largely focuses on the UK government’s proposed Data Protection and Digital Information Bill (DPDI), arguing that it will weaken oversight of the police’s intrusive surveillance capabilities if enacted as is.
“The possibilities for integrated surveillance technology, driven by AI and supported by the internet, create genuine public anxieties over civic freedoms…In current form, the bill will delete several surveillance oversight activities and mechanisms that are set out in legislation and arise from the fulfilment of statutory duties placed on commissioners,” it said.
“Prominent among these is the tabled abolition of Protection of Freedoms Act 2012 (POFA) legislative requirements to (a) appoint a surveillance camera commissioner and (b) to publish a Surveillance Camera Code of Practice, which offers governance coverage far beyond data-related issues. The code is realised through the national Surveillance Camera Strategy, which would also disappear.”
The report also criticises the Home Office’s decision to amalgamate the discrete statutory functions of the biometrics and surveillance camera commissioner roles under the purview of a single office, which was announced in July 2020.
In September 2021, the Home Office further proposed placing amalgamated role under the remit of the Information Commissioner’s Office (ICO), which Sampson himself described at the time as “ill-conceived”.
Noting that surveillance oversight has historically been “overburdened and under-resourced,” the report added: “The bill contains no provision for continuing the work of driving up standards for the development, procurement, adoption and use of surveillance cameras, a programme of work widely applauded across police, practitioner and industry communities.”
According to one of the report’s interviewees, the bill also makes no provision for the absorption of Sampson’s roles by the ICO, and “just deals with extinction”.
On top of facial recognition being relegated to a solely data protection issues, the report also highlighted issues with fingerprints and DNA being handed over to the Investigatory Powers Commissioner (IPCO).
“Considering surveillance impacts and harms purely in terms of data protection is widely recognised as a highly restrictive and selective framing. It is also widely acknowledged that rights concerns arising from surveillance are not reducible to issues of privacy alone,” it said, adding the expansion of the IPCO’s remit also “risks a de facto segregation in the oversight of different biometrics techniques, where the governance of all other forms rests elsewhere.
“It removes any statutory duties from the interface of biometrics and surveillance, the policy basis on which ministers recently combined the POFA commissioner functions. Moreover, one could argue that given the potential for collateral intrusion, remote biometric surveillance resonates more closely with IPCO’s remit than fingerprints and DNA.”
However, the report added that most gaps opened up by the bill could be addressed if responsibility for the Surveillance Camera Code were moved to the IPOC, which it claimed “would harmonise all functions for oversight of traditional and remote biometrics in policing under one established and internationally regarded judicial oversight body”.
It concluded while one of the bill’s stated aims is simplification of surveillance oversight, the proposed ways of achieving greater simplicity could come at the expense of effective oversight, especially given “the significant uncertainties brought by emerging technologies”, and “may actually complicate the oversight landscape” in practice.
The report has been be submitted by Sampson as part of his evidence to the DPDI Bill Committee, which is scrutinising the proposed legislation ahead of its third reading in Parliament.
“The gap analysis remains incomplete, but the interim findings suggest that there may be significant gaps were the bill to proceed in its current form,” he wrote in an email to the committee, adding its authors are “well-placed to provide an objective, evidence-based commentary for the benefit of those tasked with policymaking and the individuals who come after me once my office has gone”.
In Europe, on the other hand, MEPs recently expanded the list of prohibited AI systems – in a raft of proposed amendments to the European Union’s (EU) AI Act – to include the use of LFR in publicly accessible spaces and the indiscriminate scraping of biometric data from social media or CCTV footage to create facial-recognition databases.
While retrospective remote biometric identification systems are now prohibited, MEPs kept exceptions for law enforcement but said it would only be for the prosecution of serious crimes and only after official judicial authorisation.