A leisure centre company has been ordered to stop using facial recognition software to monitor its staff members.
Serco Leisure was told by the Information Commissioner’s Office (ICO) that processing biometric data of some 2,000 staff members at 38 leisure facilities across the UK was illegal and must therefore be stopped.
Whilst Serco Leisure says it will comply with the ICO’s enforcement notice, the company said it had only installed the technology to make clocking in and out of work easier for staff members. It added that legal advice was sought before the cameras were installed, and that staff had not come forward to complain about the devices in the five years they had been active – even going so far as to say the program had been “well received”.
The ICO disagreed, however, stating that Serco Leisure’s use of biometric data to check staff attendance was “neither fair nor appropriate”. Nor, it claimed, were the company’s reasons for doing away with less intrusive alternatives – such as ID cards or fobs – instead.
It also said that staff members had their fingerprints scanned but were provided no clear alternative option.
Explaining why the ICO took action, the UK’s Information Commissioner John Edwards told the BBC how Serco Leisure’s policies had increased the power imbalance in the workplace, as staff members were left feeling like they had no other choice but to comply.
He argued that the company had prioritised “business interests over its employees’ privacy” and that it “did not fully consider the risks before introducing biometric technology”.
In light of the ruling, the ICO has announced plans to publish new guidance for businesses considering using facial recognition software or fingerprint scanning, to ensure they can stay on the right side of the law.
For those companies already considering it, though, Edwards sounded a warning: “Biometric data is wholly unique to a person so the risks of harm in the event of inaccuracies or a security breach are much greater.