NTIA to begin work on facial recognition privacy code of conduct


The National Telecommunications and Information Administration announced Dec. 3 it will convene a multistakeholder process focused on privacy to develop a voluntary code of conduct that specifies how the Consumer Privacy Bill of Rights applies to facial recognition technology in a commercial environment.

Facial recognition technology is being used more in a range of commercial applications, but there are consumer privacy challenges, said NTIA Administrator Larry Strickling in a Dec. 3 blog post. For example, securing the data, transparency around how it's used and controls around how facial images are obtained in the first place. 

"Discussions could include an examination of the privacy risks associated with the use of photo databases in stores and other commercial settings and face prints as a unique biometric identifier," said Strickling.

NTIA isn't the first government agency to tackle the issue. The Federal Trade Commission held a workshop and issued a staff report in October 2012 on the privacy and security implications of facial recognition technology.

The first NTIA-hosted meeting on exploring privacy safeguards for the use of facial recognition technology in the commercial context will be Feb. 6, with more meetings to come in the spring and summer.

NTIA's last privacy process, mobile application privacy, was a failure, according to some stakeholders involved in the process. The resulting draft mobile app code of conduct, is now undergoing testing.

Some involved complained that the process did not fully examine mobile data collection efforts and marketing techniques. Others said the entire premise was off; a privacy law, not a voluntary code, is really what's needed, they said.

The Privacy Blueprint that accompanied the February 2012 "Consumer Privacy Bill of Rights" directed the NTIA to convene a series of multistakeholder processes that explore consumer privacy as it applies to particular business contexts. In June 2012, NTIA announced that the first IT privacy context it would address was transparency in mobile application privacy.

For more:
- read the announcement
- read the blog post

Related Articles: 
DHS to use hockey game to test facial recognition
White House: 'Consumer Privacy Bill of Rights' a step toward do not track legislation 
NTIA seeks feedback on formulating consumer privacy code