Asked by: Lord Strathcarron (Conservative - Excepted Hereditary)
Question to the Department for Digital, Culture, Media & Sport:
To ask His Majesty's Government what assessment they have made of the data protection and privacy risks posed by private facial recognition companies such as PimEyes to UK citizens.
Answered by Lord Parkinson of Whitley Bay - Parliamentary Under Secretary of State (Department for Culture, Media and Sport)
All organisations in the UK which process personal data, including biometric data, have to comply with the requirements of the UK General Data Protection Regulation and the Data Protection Act 2018.
The Information Commissioner’s Office (ICO) is the UK’s independent regulator for data protection and is responsible for providing advice and guidance on compliance with the UK’s data protection laws.
The ICO is currently considering whether PimEyes’s practices may raise data protection concerns. It would not be appropriate for His Majesty’s Government to comment on an ongoing ICO consideration.