London Met Police live facial recognition system raises privacy, security concerns
The London Metropolitan Police is to begin using live facial recognition (LFR) technology on a standard basis. Privacy groups have raised concerns about the legality of the surveillance software and its impact on privacy.
“As a modern police force, I believe that we have a duty to use new technologies to keep people safe in London. Independent research has shown that the public support us in this regard. Prior to deployment we will be engaging with our partners and communities at a local level,” assistant commissioner Nick Ephgrave said in the Met Police statement on the development.
The LFR will be initially deployed at locations where serious offenders are frequently spotted, said the announcement. “Each deployment will have a bespoke ‘watch list’, made up of images of wanted individuals, predominantly those wanted for serious and violent offences.”
“Equally I have to be sure that we have the right safeguards and transparency in place to ensure that we protect people’s privacy and human rights. I believe our careful and considered deployment of live facial recognition strikes that balance,” assistant commissioner Ephgrave added in the statement.
However, that assurance seems to have failed in alleviating privacy concerns.
Civil and human rights organisation Liberty, which represented activist Ed Bridges in his failed attempt to stop South Wales Police (SWP) from using automatic facial recognition (AFR), called the development a “sinister step” that will push the UK into a “surveillance state”.
“This is a dangerous, oppressive and completely unjustified move by the Met. Facial recognition technology gives the State unprecedented power to track and monitor any one of us, destroying our privacy and our free expression,” said Liberty’s advocacy director Claire Coolier in a statement.
“Rolling out a mass surveillance tool that has been rejected by democracies and embraced by oppressive regimes is a dangerous and sinister step. It pushes us towards a surveillance state in which our freedom to live our lives free from State interference no longer exists.”
Privacy groups say that the Metropolitan Police has been using live facial recognition in public for years with no public or parliamentary debate.
Ed Bridges last year lost his case against South Wales Police over the use of AFR. His crowdfunded appeal was the world’s first legal challenge over police use of facial recognition technology.
The court went with the police’s claim that the AFR apparatus is placed in public not a form of covert surveillance that would contravene Regulation of Investigatory Powers Act 2000, which states that "surveillance is covert if, and only if, it is carried out in a manner that is calculated to ensure that persons who are subject to the surveillance are unaware that it is or may be taking place".
The plan is announced at a time when the European Union is considering a possible five-year ban on the use of facial recognition technology while it figures out how to properly regulate it.
It was reported earlier that parliamentary committees have called for a pause in the use of the technology until a statutory footing is imposed on them, but both the Metropolitan Police and the Information Commissioner's Office maintains that using the technology is lawful.
VPNMentor last year found out that a security tool named Biostar 2, used by the Metropolitan Police among others, allowed access to biometric data including more than a million fingerprints.
“The concerns over the security of biometrics are not altogether unjustified, with fears being raised over hackers gaining access to sensitive data and regulators admitting they need more time to work out how to prevent the technology being abused,” commented Simon Wood, CEO of Ubisecure.
There are several ways for criminals to circumvent facial recognition surveillance, including the use of deepfakes, said Steve Povolny, head of McAfee Advanced Threat Research.
“Enhanced computers can rapidly process numerous biometrics of a face, and mathematically build or classify human features, among many other applications. While the technical benefits are impressive, underlying flaws inherent in all types of models represent a rapidly growing threat,” he explained.
source scmagazineuk
Industry: Cyber Security
Latest Jobs
-
- Senior Cyber Risk Consultant, UK - Remote first- Exclusive
- United Kingdom
- Depended on experience.
-
Cyber Security Risk Consultant to join specialist, people first security consultancy. WARNING if you want a large, slow moving, high politics, high travel security consultancy that demands their a pound of flesh this is NOT for you. Client focused opportunity. Prior consulting experience is essential within Cyber Security. Experience working with businesses to identity and make recommendations to mitigate cyber risk. Some of the nice to have certifications. CRISC, ISO27001 Lead implementer, CISA, CISM, CISSP UK based - remote first mentality. (With some travel) Training budget Unlimited holiday Looking to interview immediately Unable to offer sponsorship.
-
- identity access Management Consutlant
- N/A
- Upto £80,000 plus benefits
-
An Identity & Access Management Consultant is needed for an expanding business based in the United Kingdom. (Remote role with monthly office meet ups) The Identity & Access Management Consultant will be responsible for the technical design and implementation of Identity & Access Management/IAM products for a wide variety of clients. Deliver bespoke end-to-end consultancy service to our clients, from gathering requirements through to implementation. Work in a close team designing, developing, and implementing first-class IAM solutions. Manage client relationships, working closely with key stakeholders to continually evaluate business requirements and ensure the highest quality solution delivery. If you are interested we are looking for an individual with Previous experience working within the IAM or CIAM field is essential, Strong knowledge with SAML and Oauth and ideally OpenID Previous experience from any of these technologies: One Identity, SailPoint, Saviynt, Ubisecure, Ping Identity, would be advantageous
-
- 17'5 NOT 4 7R4P | Pen testing Lead 100k++
- London
- 100000+
-
Lead Penetration tester wanted please. - This is however a Master level as appose to padawan. 1. 100k+ for the skilled individual. 2. Research / training time 3. Hybrid role- 3 days at home 2 in the office with the team in London. (11am - 16:00) 4. Exclusive opportunity. So yours to hear about if you are quick. Infrastructure and Web application / red teaming pen testing experience Someone that can scope, deliver and speak to clients.
-
- It's Pen Testing, The good, the bad and the ugly
- United Kingdom
- 105000
-
A new lead Pen Testing opportunity, AND slightly different from the usual you may see. The good, the bad and the ugly… Lalalalala la laa laaaa The GOOD 1. £90-110k for the skilled individual. 2. Research / training time 3. Hybrid role- 3 days at home 2 in the office with the team in London. (11am - 16:00) 4. Exclusive opportunity. So yours to hear about if you are quick. The bad 1. You have to apply or email me so we can speak. 2. 17'5 NOT 4 7R4P or click bait The ugly 1. It’s only ugly if you don’t reply and someone else you know gets it. Infrastructure and Web application / red teaming pen testing experience Someone that can scope, deliver and speak to clients. Apply today for more information.