Biometric technology raises some special privacy issues. Digital photography poses a unique challenge as facial recognition is increasingly used for remote surveillance by governments and private companies (such as Facebook). Unlike fingerprint and iris scanners, facial recognition can be used without the knowledge of the subject. This is particularly worrying in the context of political and civil liberties, where the ability of governments to identify protestors could hamper free expression (see Freishtat, 2012). Also, like other personal data, there is the question of low long biometric data should be retained, and concern that retention spans may far exceed the period of relevance for the particular application that motivated the data collection1.

Swedish citizens obliged the government to incorporate specific clauses into the legislation governing the use of biometrics that specifically prohibits photographs obtained for biometric identity cards being used for facial recognition2.

The US Federal Trade Commission has offered guidelines on the use of face recognition but has not blocked the use of the technology. Best practices are established3:
  1. Privacy by Design: Companies should build in privacy at every stage of product development.
  2. Simplified Consumer Choice: For practices that are not consistent with the context of a transaction or a consumer’s relationship with a business, companies should provide consumers with choices at a relevant time and context.
  3. Transparency: Companies should make information collection and use practices transparent.
The International Biometrics & Identification Association makes recommendations4 establishing guidelines that usage of facial images adhere to the principles of transparency and customer consent.

But these guidelines cover commercial enterprises, and it is an Owellian fear that government will abuse biometric data that drives the public's fears, explaining why some of the leading developed democracies, including the U.S.A., the UK, France, Canada, Australia, and Italy do not have a national ID system, let alone one that includes biometrics. The solution to this is to establish a comprehensive legal framework, as the London School of Economics recommended to the British government in 2005. Failing to follow that that advice led to the eventual demise of the project in 2010.

More at:
Face Recognition in the Era of the Cloud and Social Media: Is it Time to Hit the Panic Button?
Facing Facts
Just a face in a crowd? Scans pick up ID, personal data
Privacy and Biometrics

  1. Identification for Development: The Biometrics Revolution pg 15
  2. Förordning om nationellt identitetskort
  3. Facing Facts pg 2
  4. Face Detection & Face Recognition Consumer Applications Recommendations for Responsible Use