ICO orders Serco Leisure to stop using facial recognition technology to monitor attendance of leisure centre employees (UK)

The Information Commissioner’s Office (ICO) said that the company ‘failed to show why it is necessary or proportionate to use FRT and fingerprint scanning for this purpose, when there are less intrusive means available such as ID cards or fobs.’

In the ICO’s statement, John Edwards, UK Information Commissioner said:

.."Biometric data is wholly unique to a person so the risks of harm in the event of inaccuracies or a security breach are much greater - you can't reset someone's face or fingerprint like you can reset a password. 

.. “This is neither fair nor proportionate under data protection law, and, as the UK regulator, we will closely scrutinise organisations and act decisively if we believe biometric data is being used unlawfully.”

..“This action serves to put industry on notice that biometric technologies cannot be deployed lightly. We will intervene and demand accountability, and evidence that they are proportional to the problem organisations are seeking to solve. 

The ICO has published new guidance on the use of biometric data.