Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    Biometric data
    Biometrische gegevens zijn het resultaat van specifieke technische verwerking van fysieke, fysiologische of gedrag gerelateerde kenmerken van een persoon, zoals gezichtsafbeeldingen of vingerafdrukken.

    Answers to pressing legal questions about facial recognition

    In a new legal general framework facial recognition, the Personal Data Authority (AP) answers a number of frequently asked legal questions about the deployment of facial recognition. The document is intended for privacy professionals and organizations looking to deploy facial recognition.

    Personal Data Authority 3 May 2024

    News press release

    News press release

    Facial recognition is prohibited in most cases, but there are exceptions. The paper answers questions that are unclear among professionals dealing with this technology.

    Security purpose exception: hazardous materials

    Facial recognition is in principle prohibited. One of the exceptions is that the use of facial recognition is necessary for authentication or security purposes (Article 29 of the General Data Protection Regulation Implementation Act). The explanatory notes to the UAVG give one example where the exception might apply: the security of a nuclear power plant.

    The facial recognition legal framework now provides a new example: the security of hazardous materials that could be used to manufacture bombs, for example. The AP approved in 2023 the code of conduct of port companies handling international shipping traffic. This stipulates, among other things, that the security of such hazardous materials can be done with facial recognition under strict circumstances. But only if a data protection impact assessment (DPIA) has been carried out beforehand, showing, with justification, that it is necessary and that there is a compelling public interest.

    Prohibition also applies when confirming identity

    The AP also clears up the ambiguity as to whether the processing ban for special personal data now applies in the case of facial recognition for the purpose of confirming a person's identity. The AP concludes that the processing ban does indeed apply in that case.

    Personal use

    The AP also defines the conditions under which there can be "personal or household use" in the application of facial recognition. If this is the case, then the General Data Protection Regulation (AVG) does not apply. The AP cites the example of unlocking a phone with facial recognition. This is allowed, but only if the biometric data is stored on the phone itself, and the user decides what happens to that data. The user must have the choice to use facial recognition or to unlock the phone with a PIN, for example.

    Information for consumers

    As consumers increasingly encounter forms of facial recognition, the AP has also published information for them using the new legal framework. If consumers know how facial recognition works and when its use is or is not permitted, they can better defend their privacy rights.

    Share article

    Comments

    MORE REACTIONS

    Leave a comment

    You must be logged in to post a comment.

    NEWS

    British police secretly search passport database with facial recognition

    News press release

    Mozilla: Do not use biometric lock when traveling to U.S.

    News/press release

    Municipalities did not inform Personal Data Authority about facial scan

    News press release

    Use of facial recognition sometimes notifiable

    News press release

    Reports have appeared in the media about the use of facial recognition in applying for identity documents. In them, it is stated that municipalities are obliged to use it...

    Vacation parks violated privacy law with facial recognition

    News press release
    Information Security Netherlands

    Vacation parks adjust use of facial recognition after AP investigation

    News press release

    AP fines Clearview for illegal data collection for facial recognition

    News press release

    Automatic facial recognition fundamentally changes society

    News press release

    65 percent Dutch voters favor cameras with facial recognition

    News press release
    Information Security Netherlands

    Inspection and deletion requests

    Individuals are increasingly invoking their privacy rights. For example, they ask for a copy of their data or, on the contrary, demand that the organization erase all their data. This raises complex questions. It is a challenge for many organizations: how can they fulfill all these requests efficiently but also properly? On the one hand, privacy compliance is important; on the other hand, you do not want to disadvantage your own position of proof in any future proceedings. A tricky matter with many pitfalls. This course gives you the tools to handle privacy requests efficiently and compliantly. The instructor uses many practical examples and concrete cases are worked out together so that your practical questions are directly addressed.

    Learn more

    Expert membership

    Expert membership

    Benefit now

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2025 Berghauser Pont | Website created by Buro Zero