In Europe and across the world, the use of remote biometric identification (RBI) and surveillance systems such as facial recognition, in our publicly accessible spaces, represents one of the greatest threats to fundamental rights and democracy that we have ever seen. The remote use of such systems destroys the possibility of anonymity in public, and undermines the essence of our rights to privacy and data protection, the right to freedom of expression, rights to free assembly and association (leading to the criminalisation of protest and causing a chilling effect), and rights to equality and non-discrimination.
Without an outright ban on the remote use of these technologies in publicly accessible spaces, all the places where we exercise our rights and come together as communities will be turned into sites of mass surveillance where we are all treated as suspects.
These harms are not hypothetical
Uyghur Muslims have been systematically persecuted by the Chinese government through the use of facial recognition. Pro-democracy protesters and political opponents have been suppressed or targeted in Russia, Serbia and Hong Kong through the use – and in some cases, even just the fear of the use of – RBI in publicly-accessible spaces.
There is also already significant evidence that European residents have been systematically subjected to biometric mass surveillance practices. From football fans, to school children, to commuters, to shoppers, to people visiting LGBTQ+ bars and places of worship: the harms are real and prevalent.
Even some of the world’s biggest providers of biometric surveillance systems – Microsoft, Amazon and IBM – have adopted self-imposed moratoriums due to the major risks and harms that they know their systems perpetuate; and Facebook has deleted its mass facial image database.
The urgent need for further action has also been recognised at EU Member State level. Italy has introduced Europe’s first moratorium on public facial recognition. The German coalition government has called for an EU-wide ban on biometric mass surveillance practices. Portugal dropped a law which would have legalised some biometric mass surveillance practices. And the Belgian Parliament is considering a moratorium on biometric surveillance.
The AI Act is the obvious way for the European Parliament to make a binding, impactful law. As the first region to comprehensively regulate artificial intelligence, the EU’s actions – or inaction – will have major ramifications on biometric mass surveillance practices in every corner of the globe.
Will the EU legitimise authoritarian technological surveillance, or choose fundamental rights?
To protect fundamental rights, the AI Act must prohibit all remote (i.e. generalised surveillance) uses of biometric identification (RBI) in publicly- accessible spaces by:
- Extending the scope of the prohibition to cover all private as well as public actors;
- Ensuring that all uses of RBI (whether real-time or post) in publicly- accessible spaces are included in the prohibition; and
- Deleting the exceptions to the prohibition, which independent human rights assessments confirm do not meet existing EU fundamental rights standards
- Putting a stop to discriminatory or manipulative forms of biometric categorisation
- Properly addressing the risks of emotion recognition
The EU aims to create an “ecosystem of trust and excellence” for AI and be the world leader in trustworthy AI. By accomplishing these aims, we can promote AI that really serves people, while stamping out the most dangerous applications of this powerful technology.
That’s why the EU’s way must be to truly put people at the heart, and to put forward amendments to the IMCO-LIBE report on the AI Act which will ensure a genuine ban on biometric mass surveillance practices.
This article is in relation to an open letter sent by 53 civil society organisations to Members of the European Parliament.