Dániel Necz held a speech on facial recognition systems and on their regulation in the EU at the “Effects of new technologies on democracy” conference on 25 May 2022, hosted by the Constitutional Court of Hungary, the Authority for Data Protection and Freedom of Information and the Hungarian National University of Public Service.
Facial recognition system is considered an artificial intelligence solution empowered by a camera system, which can identify persons viewed based on image data stored in a related data base. Such systems have already been implemented around the globe in many countries and generally faced severe criticism, especially in Western democracies. Naturally, facial recognition systems have the capability of helping to prevent terrorist attacks and similar severe crimes an detect suspects and other persons of interest. In practice, however, such systems often provide inaccurate or biased results.
With regard to the above, the European Parliament adopted a resolution on 6 October 2021, banning the public use of facial recognition systems for law enforcement purposes. Similarly, the European Data Protection Board and the European Data Protection Supervisor adopted a joint opinion on 21 June 2021 calling for ban on AI for automated recognition in public spaces.
The Draft EU AI Regulation also generally prohibits the use of ‘real-time’ remote biometric identification systems for the purpose of law enforcement with certain exceptions (including the targeted search for specific potential victims of crime, the prevention of terrorist attacks or similar threats, detection, localization, identification or prosecution of perpetrators of certain serious crimes). It is highlighted, however, that currently such systems do not certainly seem capable of serving law enforcement purposes effectively especially due to the risks associated with algorithmic bias, effects on democracy and non-compliance with data protection requirements.
The data protection authority and court practice in Europe also have such fears about facial recognition systems and their effects on democratic societies. The Italian data protection authority, for example, imposed a data protection fine of EUR 20 million on Clearview AI, a US company offering facial recognition solutions. A number of data protection authorities and courts in Europe also imposed a ban or a similar fine on facial recognition systems implemented in schools. The Hungarian data protection authority also reviewed the CCTV operation of a local municipality in Hungary, which was allegedly empowered by facial recognition capabilities, however, it turned out that such function of the system was not activated.
In line with the above, facial recognition systems currently do not seem to be capable of serving law enforcement purposes without serious risks of bias, opacity and non-compliance with privacy and data protection laws.
Author: Dániel Necz