Data watchdogs want EU-wide ban on AI facial recognition

22 June 2021

AI security cameras with facial recognition technology are seen at the 14th China International Exhibition on Public Safety and Security. (Photo by NICOLAS ASFOURI / AFP)

Europe has had enough of the data privacy concerns surrounding AI in controversial facial recognition systems. The EU’s data protection agencies this week called for an outright ban on using artificial intelligence to identify people in public places, pointing to the “extremely high” risks to privacy.

In a non-binding opinion, the two bodies called for a “general ban” on the practice that would include “recognition of faces, gait, fingerprints, DNA, voice, keystrokes and other biometric or behavioral signals, in any context”. Such practices “interfere with fundamental rights and freedoms to such an extent that they may call into question the essence of these rights and freedoms,” the heads of the European Data Protection Board and the European Data Protection Supervisor said.

The ban would include any AI that would “categorize individuals into clusters based on ethnicity, gender, political or sexual orientation”, the statement said. The opinion from the data watchdogs is intended for the European Commission. The EU’s executive arm unveiled a proposal in April to regulate AI that fell short of an outright ban on using the technology for public identification.

The commission’s plan includes special exceptions for allowing the use of mass facial recognition in cases such as searching for a missing child, averting a terror threat, or tracking down someone suspected of a serious crime. Brussels hopes its first-ever legislative package on AI will help Europe catch up with the US and China in a sector that spans from voice recognition to insurance and law enforcement.

In a statement, the commission said it took note of the opinion, but stood by a proposal “that provides sufficient protection and limits the use of those systems to the strict minimum necessary”. The proposal is under negotiation at the European Parliament and among the 27 member states. The outcome could set a global standard for how tech is regulated.

The call from the data protection agencies comes just two months after the EU’s “landmark” plan to regulate the sprawling field of AI and biometric privacy for tech like facial recognition, aimed at easing public fears of Big Brother-like abuses by imposing checks on technology deemed high risk. But the draft rules have sparked competing complaints from all sides of the debate, with Big Tech firms warning bureaucracy could suffocate development and civil liberties groups complaining the proposals have too many “loopholes”.

The regulation requires companies to get specialized authorization for applications deemed “high risk” before they reach the market. These systems would include “remote biometric identification of persons in public places” – including AI-powered facial recognition – as well as “security elements in critical public infrastructure”. Meanwhile, Google and other tech giants are taking the EU’s AI strategy very seriously as Europe often sets a standard on how tech is regulated around the world. Last year, Google warned that the EU’s definition of artificial intelligence was too broad and that Brussels must refrain from over-regulating a crucial technology.