A new report from the University of Technology Sydney (UTS) Human Technology Institute outlines a model law for facial recognition technology to protect against harmful use of this technology, but also foster innovation for public benefit.
Australian law was not drafted with widespread use of facial recognition in mind. Led by UTS Industry Professors Edward Santow and Nicholas Davis, the report recommends reform to modernise Australian law, especially to address threats to privacy and other human rights.
Facial recognition and other remote biometric technologies have grown exponentially in recent years, raising concerns about privacy, mass surveillance and unfairness experienced, especially by people of colour and women, when the technology makes mistakes.
In June 2022, an investigation by consumer advocacy group CHOICE revealed that several large Australian retailers were using facial recognition to identify customers entering their stores, leading to considerable community alarm and calls for improved regulation. There have also been widespread calls for reform of facial recognition law – in Australia and internationally.
This new report responds to those calls. It recognises that our faces are special, in the sense that humans rely heavily on each other’s faces to identify and interact. This reliance leaves us particularly vulnerable to human rights restrictions when this technology is misused or overused.
“When facial recognition applications are designed and regulated well, there can be real benefits, helping to identify people efficiently and at scale. The technology is widely used by people who are blind or have a vision impairment, making the world more accessible for those groups,” said Professor Santow, the former Australian Human Rights Commissioner and now Co-Director of the Human Technology Institute.
“This report proposes a risk-based model law for facial recognition. The starting point should be to ensure that facial recognition is developed and used in ways that uphold people’s basic human rights,” he said.
“The gaps in our current law have created a kind of regulatory market failure. Many respected companies have pulled back from offering facial recognition because consumers aren’t properly protected. Those companies still offering in this area are not required to focus on the basic rights of people affected by this tech,” said Professor Davis, a former member of the executive committee at the World Economic Forum in Geneva and Co-Director of the Human Technology Institute.
“Many civil society organisations, government and inter-governmental bodies and independent experts have sounded the alarm about dangers associated with current and predicted uses of facial recognition,” he said.
This report calls on Australian Attorney-General Mark Dreyfus to lead a national facial recognition reform process. This should start by introducing a bill into the Australian Parliament based on the model law set out in the report.
The report also recommends assigning regulatory responsibility to the Office of the Australian Information Commissioner to regulate the development and use of this technology in the federal jurisdiction, with a harmonised approach in state and territory jurisdictions.
The model law sets out three levels of risk to human rights for individuals affected by the use of a particular facial recognition technology application, as well as risks to the broader community.
Under the model law, anyone who develops or deploys facial recognition technology must first assess the level of human rights risk that would apply to their application. That assessment can then be challenged by members of the public and the regulator.
Based on the risk assessment, the model law then sets out a cumulative set of legal requirements, restrictions and prohibitions.
The report, Facial Recognition Technology: towards a model law, has been co-authored by Professor Nicholas Davis, Professor Edward Santow, and Lauren Perry of the Human Technology Institute, UTS.