Embed Size (px)
DESCRIPTION
NeoFace Leicestershire Police Privacy Impact Assessment
Citation preview
Privacy Impact Assessment
Neoface Technology – Facial Recognition
2014
PIA 29 10 2014
CONTENTS
Why Carry Out a Privacy Impact Assessment 2
Regulatory Considerations 2
The Need for Facial Recognition 2
Custody Images 4NeoFace Facial Recognition Technology and the Impact on Privacy 5
Information Flow 6
Consultation 8
Privacy and Related Risks 8
Privacy Solutions 9
Security of the NeoFace System 9
Location 9
Management
Operators
Use of Neoface 10
Risk 11
Evaluation 12
Sign off 12
Integration of the PIA Outcomes Back into the Project Plan 12
Action to be Taken 12
Date for Completion of Actions 12
Appendix 1
2
PIA 29 10 2014
Privacy Impact Assessment for Facial Recognition
1 Why Carry Out a Privacy Impact Assessment
1.1 All processing of personal information must be undertaken within a clear legal
framework, resulting in the minimum intrusion of an individual's privacy.
1.2 The Police Service has a statutory duty under the Police Act 1996 and a duty at
Common Law to prevent, investigate and detect crime as well as safeguarding the
public. Clearly that duty requires the Force to introduce new methods and
technology to meet public expectations, but at the same time, ensuring such
methods and technology are in compliance with relevant legislation.
1.3 This Privacy Impact Assessment is an assessment of the privacy risks to individuals
resulting from the introduction of facial recognition technology to identify individuals
from images presented to it.
2 Regulatory Considerations
2.1 When processing personal information, the Data Protection Act 1998 (DPA) and the
Human Rights Act 1998 (HRA) must be adhered to. The DPA provides the
‘Conditions’ under which the processing of personal information can occur. The HRA
provides information around the privacy considerations which must be taken into
account when using personal information, including decisions around proportionality
and public interest.
2.2 Reference should also be made to the :
Police and Criminal Evidence Act 1984
Common Law Duty of Confidentiality
Police Act 1997
Statutory Code of Practice for the Management of Police information 2006
and associated Guidance
The Regulation of Investigatory Powers Act 2000
3
PIA 29 10 2014
Common Law Duty of a Constable.
Rehabilitation of Offenders Act 1974
Policies, procedures and protocols Force and National
CCTV Code of Practice
Surveillance Camera Code of Practice
3 The Need for Facial Recognition
3.1 The facial recognition system is focused on the implementation of new technology to
enable the Force to identify individuals whose images have been obtained during the
perpetration of offences to enable the arrest of the individual.
3.2 A successful investigation leading to the identification and arrest of an individual
suspected of committing an offence or offences is an obligation and duty placed on
every Police Constable.
3.3 The ‘policing purpose’ prescribed under Common Law includes the prevention and
detection of crime, the apprehension and prosecution of offenders and the
maintenance of law and order. Identifying and dealing with individuals who
perpetrate offences fulfils the first two objectives of ‘Our Duty’; a commitment by the
Office of the Police and Crime Commissioner and the Chief Constable to the people
of Leicestershire to ‘deal with those who cause most harm’ and ‘to protect vulnerable
people from future offences’.
3.4 The ability to identify a suspect as soon as possible and make an early arrest is
extremely important for several reasons:
to secure evidence
to ensure the victim is not subject of further offences
to ensure no crimes are committed against other victims
to remove any threat of crime, further crime or violence to the public at
large
to ensure public confidence in the police is maintained.
4
PIA 29 10 2014
3.5 The software technology identified to assist the Force in their ‘policing purpose’ is
NEC NeoFace, which fulfils a further two of the ‘Our Duty’ principles namely
‘effectively deploying our people’ and ‘ensuring effective and efficient use of
technology’. With the budgetary constraints placed upon the Force, both principles
are becoming ever more important if the Force is to meet its policing obligations and
the expectations of the public it protects.
3.6 Importantly, such software technology provides the opportunity to meet the
requirements at para.2.4
4 Custody Images
4.1 Custody images are those images obtained when an individual is detained by the
police.
4.2 The police derive their powers to obtain an individual’s image from Section 64A of
the Police and Criminal Evidence Act 1984 (PACE)1. PACE and the PACE Codes of
Practice provide the core framework of police powers and safeguards around stop
and search, arrest, detention, investigation, identification and interviewing detainees.
The legislation looks to address the balance between the powers of the police and
the rights and freedoms of the public. Maintaining that balance is a key element of
PACE.
4.3 PACE states that where a person is detained at a police station they may be
photographed with the appropriate consent or if the appropriate consent is withheld,
or where it is not practicable to obtain it, without consent.
4.4 Additionally a person may be photographed at a place other than a police station by
a constable, as a result of a relevant event
(a) with the appropriate consent; or
(b) if the appropriate consent is withheld or it is not practicable to obtain it, without it.
1 PACE has received a number of amendments including those under the Anti-terrorism, Crime and Security Act 2001, the Serious Organised Crime Act 2005, the Police reform Act 2002 etc.
5
PIA 29 10 2014
4.5 PACE permits the police to photograph an individual where the individual has been:
(a) arrested by a constable for an offence;
(b) taken into custody by a constable after being arrested for an offence by a person
other than a constable;
(c) made subject to a requirement to wait with a community support officer;
(ca) given a direction by a constable under section 27 of the Violent Crime
Reduction Act 2006
(d) given a penalty notice by a constable in uniform
(e) given a notice in relation to a relevant fixed penalty offence by a community
support officer by virtue of a designation applying that paragraph to him ;
(f) given a notice in relation to a relevant fixed penalty offence by an accredited
person by virtue of accreditation specifying that that paragraph applies to him ;
(g) given a notice in relation to a relevant fixed penalty offence by an accredited
inspector by virtue of accreditation specifying that paragraph 1 of Schedule 5A to the
Police Reform Act 2002 Act applies to him.
4.6 The custody photograph is then stored within the police data base known as
Custody Image Management (CIM) which holds over 104,000 such photographs.
5 NeoFace Facial Recognition Technology and the Impact on Privacy
5.1 The NeoFace technology is software that is able to compare images presented to it,
which have been captured on media such as CCTV and body cams (one data set)
against photographs of individuals detained under the Police and Criminal Evidence
Act 1984 (second data set).
5.2 NeoFace technology compares the two data sets and identifies matches from facial
characteristics.
5.3 NeoFace does not base its selection on gender, age or race and so will return
images of all ages, genders and race. (Leicestershire Police has chosen not to
incorporate metadata at this time).
6
PIA 29 10 2014
5.4 For each comparison search, NeoFace will select the most likely matches, up to a
total of two hundred. Using new technology to identify potential suspects from an
existing database by automated means, clearly results in a vast amount of personal
data being processed, during each search.
5.5 The use of this technology is not only new to Leicestershire, but to the police service
in general and given the extent of processing by automatic means, a full Privacy
Impact Assessment was undertaken. This decision was also based on the interest
the technology may attract to ensure that during implementation privacy issues had
been identified, recorded and ultimately addressed.
6 Information Flow
6.1 Requests for searches to enable images to be compared against custody
photographs may originate from a number of sources. It is therefore essential that
the provenance of each of the images presented is established to ensure there is a
legal basis before the matching process takes place.
6.2 The images of unknown individuals may originate from a number of sources,
including:
Close Circuit Television Cameras (CCTV) – before, during or after the perpetration
of a crime or incident.
Body Cam images taken by an officer when dealing with an incident or crime – ( The
Force has a Bodycam Use procedure in place)
Social Media – before, during or after an incident has taken place.
E-Fit image – taken from a witness or victim of crime
Surveillance image.
6.3 As previously stated, it is the 104 000 photographs held in CIM that Neoface
compares with the photographic images presented to it. A process for the use of
NeoFace has been identified and is illustrated in the flow chart below.
7
PIA 29 10 2014
Fig 1
6.4 The image of the suspect to be identified is input into NeoFace. The Technology
compares the image of the unknown suspect, to the database containing images of
known persons, detained by the Force. Those NeoFace identifies as matching the
image of the suspect are selected. A search can return up to a maximum of 200
images and will include images of both male and females.
6.5 The operator will view the matches identified by Neoface and manually remove
photographs of those whose images do not resemble the image of the suspect. This
is the point at which human intervention takes over from automated processing.
6.6 Some of the reasons the Operator may eliminate images include:
Wrong gender
Wrong ethnicity
Physical appearance differs
8
Request received by ID unit for Facial Recognition Analysis in one of the following methods:
Email sent to IMU Bodycam
Image
Social Media or Photo from
mobile phone
SurveillanceImage EFIT-V
Image quality assessed by ID Unit for suitability to be used on NeoFace software
Unsuitable: Inform the requesting
OIC. Log on spreadsheet and
file image
Suitable: ID officer will run the image through NeoFace and check the
top 200 returned faces for potential suspects. Images compared against the lawfully held custody database
Potential suspect(s) identified No Potential suspects found. Inform requesting OIC.
Log on spreadsheet and file image
Complete return sheet for OIC with a copy of the image tested and an image of each potential suspect.
OIC made aware this is purely an intelligence tool.
Log on spreadsheet and file image
PIA 29 10 2014
7 Consultation
7.1 Consultation over the implementation of NeoFace has taken place with:
Home Office
Office of the Police Commissioner
Chief Constable
Human Rights Lawyer
During the pilot period and subsequently, the technology and the process has been
televised, using fictional images. It has also attracted visits from the legal profession,
other enforcement agencies and other police forces from around the world.
8 Privacy and Related Risks
8.1 The CIM system contains over 104,000 images, all of which were obtained under
PACE when the person was detained and therefore provides an audit trail showing
both the name provided by the individual at the time and their description also
recorded at the time, which is then held with their image.
8.2 An image and the personal data associated with it, is used before charge for the
following reasons:
To enable a person to be sought, should they fail to answer pre-charge police
bail;
in the event of an allegation that an individual has given a false name which
has resulted in an innocent party being summoned;
in the event of further police enquiries revealing a person detained has
provided false details;
8.3 An image and the personal data associated with it, is used after charge but before
conviction for the following reasons:
to identify an individual when a warrant has been issued by the Court and
police officers have a duty execute it as soon as possible 2.
2 If issued under s13 Magistrates Courts Act 1980, it will be valid indefinitely.
9
PIA 29 10 2014
To enable a person to be sought, should they have been bailed to appear before a court and failed to do so.
Should they have been remanded in custody and after being taken before a
court, bailed to re-appear, but have failed to do so.
Where the court has issued a further bail notice (court bail) and the person
does not attend the hearing
To identify an individual subject of a European Arrest Warrant – where it is
suspected that the person has fled the UK whilst on police or court bail.
8.4 Key privacy issues relate to the retention of images whereby the individual, although
arrested, did not appear before the court because:
CPS decide not to prosecute the case;
The case was discontinued;
The person was not charged due to lack of evidence.
Cases lying sine die.
8.5 Images of detained persons are held on CIM. Therefore, images of those not
convicted will also be retained.
8.6 The Police and Criminal Evidence Act states that photographs taken under s64 may
be used by, or disclosed to, any person for any purpose, related to the prevention or
detection of crime, the investigation of an offence of the conduct of a prosecution or
to the enforcement of a sentence and may be retained provided they are used for
the same purpose for which they were initially obtained.
8.7 Retaining all images of individuals taken under PACE, whether later convicted or not
allows Neoface to search across the whole of the data base and may return images
found in both data sets.
9 Privacy Solutions
9.1 Action being taken to address issues and reduce the risk is already being
undertaken by the Identification Suite (See Data Protection Table).
9.2 Security of the NeoFace system.
8.2.1 Location
10
PIA 29 10 2014
The NeoFace system has been installed in the Identification Suite (ID Suite).
The Identification Suite is situated in a secure building which has limited
access
The Identification Suite is separated from the reminder of the building and is
secured.
The NeoFace is located on a stand-alone computer.
9.2.2 Management
Neoface is owned by the Delivering Justice Directorate. A Detective Chief
Superintendent is in overall charge.
The day to day management is undertaken by the ID Suite Manager.
9.2.3 Operators
The number of NeoFace operators is kept to a minimum.
Their training is undertaken in house under the supervision of the ID Suite
Manager.
10.3 Use of NeoFace
10.3.1 All requests for the use of NeoFace are submitted to the ID Suite and overseen by
the ID Suite Manager.
10.3.2 A Form has been created and must be submitted with each request, which details
the reason for the request and the provenance of the images being presented.
10.3.3 After accepting the image(s), the Operator will undertake the search.
10.3.4 Once the matches are returned by Neoface, the Operator will undertake a visual
assessment and remove any that clearly do not match the image of the individual
sought. E.g. different gender etc.
10.3.5 The Operator will provide the matches which NeoFace has identified and have
been verified, to the OIC as well as making it clear that the images are to be
11
PIA 29 10 2014
treated as information only and that further police enquiries are required to
establish whether the person could be considered as a suspect or not.
10.3.6 The OIC will be reminded that the information being provided is ‘sensitive personal
information’ and therefore must be treated as ‘Restricted’ and if the images
returned are to be sent to the OIC by e-mail, then the Operator will ensure the e-
mail is marked ‘Restricted’.
10.3.7 The Form which accompanies the returned images, reminds the OIC that the
matches are for intelligence purposes only and cannot be used as evidence. They
are not informed as to the status of the person in the custody image.
10.3.8 Guidance should be issued to ensure the decision making during the public interest
test is recorded.
11 Risk See Appendix 1.
12 Evaluation
12.1 In addition to the assessment around the effectiveness of the Neoface Technology in
preventing and detecting crime, the evaluation will take into account the impact on
the privacy of individuals.
12.2 Solutions have already been implemented to address compliance issues identified
during the early project stages, which are proportionate to the aims of the project. (
13 Sign off and record the PIA outcomes
13.1 The Project and the privacy risk have been accepted by D/ Ch. Supt Prior.
The privacy risks involved in the project have been accepted by D/Ch. Supt Prior.
(Still awaiting the outcome of the two privacy court cases).
12
PIA 29 10 2014
14 Integration of the PIA Outcomes Back into the Project Plan
14.1 The ID Suite Manager will be responsible for integrating the PIA outcomes back into
the Project Plan and keeping the Head of the Delivering Justice Directorate
informed.
14.2 PIA outcomes will be addressed by the ID Suite Manager in consultation with the
Head of the Delivering Justice Directorate.
14.3 The ID Suite Manager will be responsible for implementing any solutions to issues
identified back in to the project.
14.4 The ID Suite Manager will confer with Information Management Section regarding
future privacy concerns which will then be raised with the SIRO.
15 Action to be Taken
15.1 As the Data Protection Act 1998 provides the legal framework around the
management and use of personal information, recording the implications the DPA
has on the use of existing custody photographs with the Neoface technology, will
sign post issues to be considered and addressed.
16 Date for Completion of Actions
16.1 As per the Project Documentation.
17 Data Protection Implications
17.1 See Appendix 1
13
Appendix 1
Neoface Privacy Impact Assessment implications for the compliance with the Data Protection Act commenced on the 29.10.2014
The following are the Principles of the Data Protection alongside the risk to the Act in relation to the use of Neoface. This is a living document and should be updated and dated accordingly.
Principle 1
Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless:a) at least one of the conditions in Schedule 2 is met, andb) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
Considerations Explanation Additional Considerations/Risks Action/Mitigation/Justification
What is the purpose of this technology?
To introduce technology to assist in the early identification of a suspect.
Photographs of detained persons are collected under PACE and are known as Custody Photographs..
The photograph is used as: An audit trail In the event of an individual
failing to report for bail or to court or for the payment of a fine issued by the court.
Having been convicted, the photograph is then used:
As part of any prohibition
The use of facial technology to compare existing lawfully held information against new information, lawfully obtained and processed;
Reduces the chance of the wrong person being arrested
Eliminates the need to arrest large numbers of suspects
ID Suite Operator overseas the management of PACE Photographs.
ID Suite Operator undertakes Human intervention to ensure the photographs identified by Neoface are similar or the same as the image being presented for comparison. Any photographs returned by Neoface which do not match are rejected.
Only details of those whose image is identified as being the same or similar are provided to the officer in the case, who will undertake a second sift and again reject any they feel do not match the person they
PIA 29 10 2014
order Retained and used to
identify recidivists whether by showing them to a victim of a further crime in an effort to identify the perpetrator
Access to photographic images in an effort to identify a person suspected of being involved in an incident leading to a crime, or a crime per see is an integral part of any police investigation.
Using conventional methods to identify an individual who may be a suspect is time consuming.
Due to financial constraints facing the Force, employing police staff to carry out research to identify potential suspects from information held is difficult to justify, when technology is available.
Despite reduced funding, the Police Service still has to meet legal obligations under Common Law, the
Reduces the need for additional witnesses.
Time lapse may result in the suspect disappearing, continuing to commit crime, threatening potential witnesses to ensure they do not come forward.
There is a critical period - the Golden Hour-during which a crime should be detected. The greater the delay, the less chance of arresting a person.
Reduces the workload of an OperatorProvides an audit trail
are seeking.
15
PIA 29 10 2014
Police Act 1996 and other legislation contained in statute.
Pressures to find quicker and more efficient ways of identifying suspects and solving crime are at the forefront of the Police Service.
The use of biometric technology to identify potential suspects from existing photographs held by the police is clearly a more efficient, effective and a less time consuming process.
The efficiency of the system does increase the privacy concerns surrounding its use.
To identify individuals subject of covert operations, where the photographs have been obtained under RIPA
Ensures an individual can be identified and sought quickly reducing the chance of them: A disappearingB creating an alibiC committing further offencesD Threatening Witnesses
How will individuals be told about the use of their personal data in relation to existing custody records?
Photographs of those arrested are obtained under the Police and Criminal Evidence Act (PACE).Section 64A permits the police to obtain photographs of those arrested in circumstances where a person detained at a police station may be photographed with the appropriate consent or if the
The use of CCTV images by the Force is included in Policy and supported by procedures drawn up, between the Councils and the Force.
CCTV systems owned by the Councils are installed for the purposes of Crime reduction.
Following the CATT case, consider reviewing your photograph retention policy. (date)
Following the CATT case, the need to set review dates of photos obtained of individuals who have not been charged. (date)
16
PIA 29 10 2014
appropriate consent is withheld or where it is not practicable to obtain it, without consent.
In terms of the images presented to Neoface, these are obtained from a number of sources including CCTV, bodycam, other Force’s Custody images (See below).
Photographs submitted for comparison as a result of a covert operation, will be unaware.
Consider including advice to detainee, that their photograph will be retained whether charged or not.
At closure without charge, consider the rational of retention to ensure it is proportionate.
RIPA Authority
Following the CATT case, the rationale behind the retention and importantly, the further use of photographs where the individual has not been charged or convicted (date)
Consider a review of the photographic policy in relation to:
Media release when attempting to trace an individual suspected of an offence,
• Day to day policing
How will individuals be told about the use of their personal data in relation to the images being presented (other than custody images)
The individual will be unaware that the police have their image, until interview/ detention.
The CCTV images obtained by the police are mainly from three sources.1 Council owned2 Privately owned3 Commercially owned i.e. shop owner.The responsibility as to the lawful signage relating to the use of the CCTV falls to the CCTV owner.
Bodycam images from officers wearing bodycam. The use of bodycam is managed through the
Websites already provides information re the use of CCTV
CCTV Cameras all have notices regarding their use for prevention of crime.
Suggest a reminder of the existence of CCTV Policy.
Suggest a review of the instructions around the use of CCTV when drawing up shop watch agreements.
Useful to remind officers of lawful use of bodycams and to remind them of the policy and procedure around such use.
Bodycams are used overtly.
Consider a review of the photographic policy in relation to:
media release when attempting to identify an individual,
Day to day policing
17
PIA 29 10 2014
procedural documents issued. Bodycam may be used where the situation requires them. They must not be left on throughout tour of duty. They will be worn overtly
Photographs obtained as a result of a covert operation will not be aware
RIPA will apply
Can Neoface be used in real time?
There is no direct connection between CCTV/bodycam and Neoface.
Who will have access to Neoface?
Access to Neoface is restricted to the ID Suite staff only under the direction of the ID Suite Manager. There is no intention to allow unrestricted access to Neoface.
Ensure procedures are put in place and also that there is an overarching Policy in relation to the use/access of NeoFace.
Policy and Procedure implemented.
Do you need to amend your privacy notices?
The Privacy Notice provides information on the processing of information in connection with the policing purpose.
CCTV cameras all have the legal plates describing the reason for their use and their ownership.
Privacy Notice is being reviewed in line with the use of Neoface
Have you established which conditions for processing apply?
Schedule 2 (3) Compliance with legal obligations;(5) For the administration of justice(6) (1) The legitimate interests
18
PIA 29 10 2014
pursued by the Data Controller
Schedule 3 (6) Legal Proceedings (7) Administration of JusticeSI 417 regarding the processing of sensitive personal information.
If you are relying on consent to process personal data, how will this be collected and what will you do if it is withheld or withdrawn?
Photographs of those arrested are obtained under the Police and Criminal Evidence Act (PACE). Section 64A permits the police to obtain photographs of those arrested in circumstances where a person detained at a police station may be photographed with the appropriate consent or if the appropriate consent is withheld or where it is not practicable to obtain it, without consent.
Images obtained are either covert – CCTV and Bodycam.Obtained as part of the investigation E-Fit.Or by covert means authorised under RIPA
Who will have access to the matches produced from Neoface?
The matches are provided to the Officer in Case.
It is made clear that the ‘matches’ are for information only and provide a sign post for the officer to assist in
Ensure the data produced is marked as ‘Restricted’.
That GPMS is applied whenever it is processed .
Ensure the policy procedure reflects the need to ensure the data is kept secure at all times and not accessible to those not involved in the enquiries.
19
PIA 29 10 2014
the investigation plan. Ensure the OIC is aware of the handling procedures to ensure the information is processed fairly and lawfully and remains so, until destruction.
Leaving the information visible/accessible to other officers, could result in the individual being detained if seen on the assumption that they are being sought.
20
PIA 29 10 2014
Principle 2Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.Considerations Explanation Additional Considerations/Risks Action/Mitigation/Justification
PACE permits the use and retention of photographs obtained lawfully. The further use of the photographs already held is in connection with the policing purpose.
Does your use of Facial Recognition cover all of the purposes for processing personal data?
Yes at present.Any additional use over and above that outlined in this PIA, if the Project becomes ‘business as usual’ will need to be risk assessed and a new PIA completed.
There is a need to ensure that policies and procedures develop, as the use develops.
NB The presence of policies and procedures do not legitimise use. They merely clearly define their parameters.
Have potential new purposes been identified as the scope of the technology expands?
No. The use of technology over existing procedures to identify those committing offences is purely to ensure more efficient and effective use of the personal data.
21
PIA 29 10 2014
Principle 3Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.Considerations Additional Considerations/Risks Action/Mitigation/Justification
Is the information you are using of good enough quality for the purposes it is used for?
The photographs obtained under PACE are of very good quality.
The images obtained for comparison are assessed and if they are of poor quality, are not presented to Neoface.
Have you considered what personal data should not be used, without compromising the needs of the project?
Following the case of The Queen on the application of (1) RMC and (2) FJ and the Commissioner of the Metropolis and the Secretary of State for the Home Office and (1) Liberty and (2) Equality and Human Rights Commission, the retention of photographs held within the existing database, where either the person has not been convicted or the case discontinued or the person found not guilty. The legality of the retention of such data is still being reviewed by the ICO’s Legal Team. It was thought that the decision on the retention of photographic information would be included within the Freedom Act, which ultimately addressed and reinforces the rules around the retention of
22
PIA 29 10 2014
DNA and fingerprints. However, both the Data Protection Act 1998 and the Statutory Code of Practice for the Management of Information require the Force to manage such information in such a way that it does not breach legislation. It will however, be more likely to capture individuals who are in the group described above, if they have committed the offence, but less likely to involve the arrest of an innocent individual whose image is held, where they have not been previously prosecuted for an offence.
23
PIA 29 10 2014
Principle 4Personal data shall be accurate and, where necessary, kept up to date.Considerations Explanation Additional Considerations/Risks Action/Mitigation/Justification
If you are procuring new software does it allow you to amend data when necessary?
Neoface is not a storage system However, Neoface can be used as a search engine in the event of searching for and removing images from the custody system
How are you ensuring that personal data obtained from individuals or other organisations is accurate?
Photographs taken of a person under PACE will have the name of the individual attached to them. The fingerprints of the individual are also taken under PACE and are subject of checking against the National Database. Any discrepancies found are rectified as soon as they are identified.
Any requests for NeoFace to be used by Police Partners, will be submitted on a ‘request’ form. The form will record the requestor’s details, the reason for the request and the circumstances by which the image was obtained.
How will you differentiate information received from other organisations?
Searches are managed individually, so there can be no cross contamination
24
PIA 29 10 2014
How long will non custody images be retained?
Images obtained for comparison against Neoface, will only be retained for as long as is necessary.
Where an individual is identified by Neoface, then the original photograph will be provided to the officer, if required for identification purposes and also if the individual is charged, where it will form part of the evidence. The reference number of any match will be kept for audit purposes.
Procedural document in place.
How long are Custody Images retained, where a person is either1 Not charged2 Charged, but the case is not taken to court3 Charged and taken to court but discontinuedCharged taken to court and found guiltyCharged and taken to court and found guilty, but found not guilty on appeal.Case allowed to sit sine die
All photographs are originally obtained under PACE.
PACE states that such photographs can be retained, provided they are only processed for the same purpose.
Additional advice /guidance following CATT decision.
25
PIA 29 10 2014
Principle 5
Personal data processed for any purpose or purposes shall not be kept for longer than necessary for that purpose or those purposes.
Considerations Explanation Additional Considerations/Risks Action/Mitigation/Justification
What retention periods are suitable for the personal data you will be processing?
All custody photographs are retained. Old images are not removed when new
ones are taken.Historic cases are reported to the police.
Are you procuring software which will allow you to delete information in line with your retention periods?
The use of biometric technology will not change the existing ability in terms of the NeoFace technology
Searches using Neoface are saved on secure network and kept in accordance with MOPI
How many duplicate images are there? NeoFace technology has enabled
duplicate entries to be identified and dealt with accordingly.
26
PIA 29 10 2014
Principle 6Personal data shall be processed in accordance with the rights of data subjects under this Act.
Considerations Explanation Additional Considerations/Risks Action/Mitigation/Justification
Will the systems you are putting in place allow you to respond to subject access requests more easily?
No change
If the project involves marketing, have you got a procedure for individuals to opt out of their information being used for that purpose?
Process does not involve marketing.
Is the documented process for the request for removal of photographs by an individual, up to date?If not, it should be updated.
Requests for removal come in via Data Protection and there is a documented process for dealing with requests for removal.
Can the system provide information about the searches that have been presented to it, in the event of such a question from a data subject?
The system is fully auditable and will keep a record of all searches carried out.
Searches are retained in a spreadsheet, along with the details of the returns for monitoring purposes.
27
PIA 29 10 2014
Principle 7Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.Considerations Explanation Additional Considerations/Risks Action/Mitigation/Justification
Do any new systems provide protection against the security risks you have identified?
Access to enable use of the biometric technology is restricted to Identification Suite staff under the supervision of the ID Suite Manager
Access is by use of a user name and password, to permit individual access, which is then auditable.
What training and instructions are necessary to ensure that staff will operate a new system securely?
Access to biographical technology is restricted to Identification Unit Staff only.
Each Operator is individually trained in the operation of the system and the rules around its use.
Each Operator is reminded of the general requirements around security:Logging on and off
Ensure use and privacy requirements are reiterated.
Ensure the policy and procedure reflects the requirements of the Operator, to ensure this is continued if and when new staff are employed.
Ensure policy and procedure is in existence for the day to day monitoring around use.
Consider fitting a security screen.
28
PIA 29 10 2014
Password – composition ofPrevent shoulder surfingPositioning of the screen to prevent it being viewed by othersStaff are reminded of the legislation surrounding the use of custody photographs.
Will your actions interfere with the right to privacy under Article 8?
Under Article 8 there is the exemption from interference with private life, where the interference is in relation to the investigation in relation to the commission of an offence.
Have you identified the social need and aims of the project?
The social pressing need to deal with those who commit crimes against victims and society.
You need to consider the justification for the use of technology to identify individuals involved in other crimes/incidents.
The justification may include the fact that individuals who start by committing low level crime i.e. theft from washing lines, can move on to commit further and more serious crimes, if not identified and dealt with.
Are your actions a proportionate response to the social need?
Our Duty’ has identified the expectations of the public to protect the vulnerable and to deal with those who cause most harm.
Included in Policy
29
PIA 29 10 2014
Failure to do this effectively, may also attract disciplinary action, if it can be shown that a delay was caused by any neglect to investigate a crime, where the identity of the suspect could have been established and as such the officer may be disciplined under the Police Act 1996. Dealing with staff who have failed to carry out the requirements of their roles, can bring the Force into disrepute and reduce public confidence.
30
PIA 29 10 2014
Principle 8 Not Transferred out of Europe
Considerations Explanation Additional Considerations/Risks Action/Mitigation/JustificationIs there an intention to transfer any of the data out of the European Union
No
31
