The ICO exists to empower you through information.

At a glance

  • Biometric recognition systems do not need to be 100% statistically accurate to comply with the accuracy principle.
  • You should ensure that your records indicate that decisions made by biometric recognition systems are statistically informed guesses rather than facts.
  • The accuracy of biometric data can decrease over time because of the aging process and other life events.
  • You must have appropriate processes in place to check the accuracy of the personal information you collect and create.

In detail

Does the accuracy principle apply to our biometric recognition system?

Yes. The accuracy principle applies to the processing of all personal information. This includes any information associated with biometric data in a database (eg name or date of birth).

But there can be some confusion between the accuracy principle and the concept of statistical accuracy that features in automated systems like biometric recognition systems.

The accuracy principle is about ensuring the personal information you process is not inaccurate or misleading as to any matter of fact. As noted earlier, statistical accuracy is about how well your system performs in given conditions. For example, the rate of false biometric acceptance or rejection.

Statistical accuracy is more relevant for your considerations about the fairness principle (ie whether the decisions your system makes result in fair outcomes for people).

The outcomes of your biometric recognition system are statistically-informed judgements about someone’s identity. They are based on estimates about the level of similarity between a biometric probe and a biometric reference, usually in relation to a threshold.

See How do biometric recognition systems work? for more information.

Biometric recognition systems involve the processing of personal information, and therefore the accuracy principle applies. But they don't need to be 100% statistically accurate to comply with it.

To avoid these outcomes being misinterpreted as factual, you should ensure that your records indicate they are statistically-informed guesses rather than facts.

At the same time, you must ensure that your system is sufficiently statistically accurate for your purposes. This doesn't mean every single outcome has to be correct, but you must factor in the possibility of errors happening and the impact they may have both on your decision-making and the people it applies to. If you don't do this, your processing may not comply with the fairness principle.

See How do we process biometric data fairly? for more information about how statistical accuracy impacts your compliance with data protection law.

Example

A company uses a fingerprint recognition system to control access to a restricted area of its premises. An employee who is permitted to access the restricted area attempts to use the system to gain access, but it falsely rejects them.

While this false rejection is a matter of fact - the system failed to allow the employee into the area - it doesn't mean that the processing of personal information is inaccurate in the context of the accuracy principle.

This is because the system's comparison process produced a similarity score rather than a statement of fact. The company clearly labels its records to note this.

When do we need to collect new biometric samples?

Our physical, physiological and behavioural characteristics change as we age. However, the biometric reference that describes these characteristics is fixed in time at the point at which this information was captured.

This means that the accuracy of biometric references can decrease over time. Therefore, the same biometric reference can result in a greater false non-match rate as someone ages.

Different characteristics change at different rates, and the rate of change of these characteristics is likely to be greatest in younger people.

If you discover that biometric data is no longer accurate, you must take reasonable steps to correct or erase it as soon as possible.

You should have a re-enrolment process that appropriately addresses these issues for your circumstances.

If a biometric reference is no longer necessary for your purposes, you must delete it.