Facial Recognition Technologies: What’s at Stake and Why
Facial Recognition (FR) has evolved considerably in recent years and has many important potential benefits such as ease and security of use, privacy protection, and the detection and deterrence of crime. However, it can also be used excessively and intrusively and needs to be used appropriately, in circumstances that are justified and in accordance with good privacy laws and principles.
The SIA believes that recent moves to ban facial recognition technologies in a number of US states are premature. Similarly, in the EU, recent proposals regarding the development and use of artificial intelligence (AI) systems classify those intended to be used for remote biometric identification as ‘high risk’. If adopted, these systems would require a stringent ex-ante conformance assessment.
Pressing the pause button without a reasoned debate on privacy and civil rights, or on the potential IP and sovereignty issues of greater regulation, represents a potentially backward step for public safety that also limits the abilities of companies to transact securely with consumers in the digital world. See our blog on artificial intelligence here.
Facial recognition technologies have proved invaluable during the COVID-19 pandemic, making it possible for citizens to enrol remotely for services and verify their identity.
The SIA believes it is up to the authorities to play their role as regulators and to define the limits and conditions of use of facial recognition technologies, working with the industry to put in place governance frameworks that address the concerns of all stakeholders.
In Europe, data protection frameworks such as the GDPR – together with recommendations issued by the Council of Europe – precisely address the issues of privacy-sensitive technologies in a highly constructive way. They provide a detailed outline of measures relating to the processing of biometric data, helping policy makers and civil society representatives around the world define highly structured governance frameworks that ensure the safe and trustworthy use of facial recognition technology.
Responsible technology providers, such as the SIA members, are committed to strict compliance with such regulations and to ensuring that the use of these technologies is not misappropriated, is non-discriminatory, and is respectful of individual freedoms.
The SIA believes that facial recognition technologies offer significant benefits to society when used effectively and responsibly, and has set out the core principles all its members adhere to.
Global Facial Recognition Market overview
The global facial recognition market is evolving at an explosive rate and is expected to reach USD 9.99 billion by 2025 (insert source). The adoption of the technology across a variety of applications is proving a driving force for this market growth. Widespread adoption and increasing awareness of the technology among the general public is being fuelled by the incorporation of face recognition technologies in smartphones that makes it fast and easy for users to unlock their phones, sign into mobile apps and verify payments.
The recent coronavirus pandemic has served to further propel the adoption of real-time face recognition technologies that give users a convenient and touch-free way to quickly authenticate who they are and complete a transaction or action. As a result, it is expected that the acceleration of digitalization will result in the increasing usage of face recognition in a number of use cases. These include:
- Passenger/traveller screening/identity verification at airports/borders that enhances flows and reduces the need for physical interactions between members of the public and staff
- Instant payments for transit passengers – touchless automatic payment and access to transport
- Zero touch authentication for secure access to buildings, communities, lockboxes, smart homes, cars, parking spaces and more
- Digital ID check-ins at stores and e-commerce sites that enable users to conveniently make/collect purchases
- Workplace deployments that support contact tracing/workforce security/social distancing/ enforcement programs
- The delivery of digital-identity powered citizen services in smart cities
- Identity proofing and Know Your Customer (KYC) verification for banking services, creation of online accounts/onboarding, mobile banking, and mobile commerce
- Payments and room access in hotels
- Authentication of patient identity in telemedicine and other remote healthcare applications
- Utilization in e-learning platforms to authenticate student access to materials/attendance tracking and monitoring
Facial Recognition Technology Insights
Facial recognition systems utilize biometrics to identify and authenticate an individual using a set of recognizable and verifiable data unique and specific to that person. In the case of facial biometrics, a 2D or 3D camera ‘captures’ a face and transforms it into digital data by applying an algorithm before comparing the image captured to those held in a database or in an official identity document presented by the holder. These automated systems can be used to identify or check the identity of people in a few seconds based on their facial features (spacing of the eyes, the bridge of the nose, the contour of the lips, ears, chin etc). Easy to deploy and implement, the interaction between the person and the machine is facilitated and touchless.
The technology is evolving rapidly too, thanks to AI, edge computing, 5G, IoT, and machine learning enhancements. Today’s new ‘faceless recognition’ systems can now utilize mathematical representations that ‘replace’ the face and eliminate the need for the storage of a photo or video of users. Other emerging technologies include facial analytics and cloud-based systems that include a detailed analysis of skin texture and local features to provide extremely high accuracy and detection capabilities that are able to determine the changed attributes of facial characteristics.
The Big Debate: Personal safety vs privacy
The face represents a crucial aspect of our sense of self, so unsurprisingly the growing deployment and ubiquity of facial recognition technologies is now fuelling widespread debate among many who are concerned about a variety of legal, political, ethical, and social threats posed by these innovative technologies.
Typically, these discussions are focused on the usage of facial recognition for surveillance with concerns being raised about the dangers of mass surveillance, bias, personal data protection and cybersecurity breach risks. Similarly, discussions and concerns are being raised about the use of facial recognition for authentication (applications that people want to use) in relation to who holds this identity data and what they do with it.
Facial recognition technology is a powerful tool that can deliver multiple benefits for all when used responsibly. Which is why it is vital that the industry and regulators work closely together to address the very real concerns the technology poses with security measures and regulations that enable the technology to be put to best use.
Looking to the future, the questions of privacy, consent and function creep (data collected for one purpose being used for another) will be central to this debate.
The Evolving Regulatory Landscape
In Europe, the General Data Protection Regulation (GDPR) provides clearly the most advanced legal framework, the most prescriptive with an advanced level of protection, with the objectives of several countries to obtain a free flow of data with economic aims.
There is an ongoing convergence of data protection levels around the world although there is still a lot of work to be done to reach a common understanding.
In January 2021, the Council of Europe issued guidelines and recommendations that legislators, developers, and service providers should follow to ensure they do not adversely affect the human dignity, human rights and fundamental freedoms of any individual. Previously, the Council of Europe has also provided detailed practical guidance on the use of personal data in the police sector.
Similarly, the European Commission proposed new rules and actions on the development and use of artificial intelligence (AI) systems, offering a similar opportunity to standardize compliance around the world. These proposals are in the early stages, and there’s definitely work to be done. However, there’s no doubt that a fit-for-purpose, responsible framework will be of benefit as biometric technology and use cases evolve.
Prioritizing Governance: The Time is Now
Increased public awareness and concerns relating to the implications of facial recognition as it becomes increasingly merged with applications like automotive, the smart home and smart city environments means that the industry will need to become more adept at addressing misinformation or misunderstandings relating to biometric identification/authentication systems (its accuracy, its potential for bias, its potential for exposure/breach).
Around the globe, regulators, government bodies and private organizations are requesting greater clarification on the use and application of facial recognition technologies that have significant potential for both security and convenience-related use cases.
Citizens need to keep control of their biometric data; how it is used, how long it is saved and for what reason.
The SIA believes it is time for regulators and governments to define governance frameworks for the use of facial recognition technologies. There are already some very good regulations (i.e. GDPR) and recommendations (i.e. CoE) to do so. They should also engage in reasoned discussions and collaboration with the industry to define these frameworks that would allow all stakeholders to benefit from this technology while addressing the public’s concerns over human rights.
Prioritizing new regulations and governance around the responsible acquisition and management of facial recognition data will help provide a stable environment for the progression and further adoption of facial recognition technologies. The SIA is committed to ensuring that this journey addresses the issue of common consent – so that citizens can navigate the different trade-offs they will face along the way.