Federal Privacy Commissioner on Bill c-27 news release.

Report into the 2021 cyber attack on Newfoundland health information systems released.

Privacy Commissioner of Canada announced his office is launching a joint investigation into OpenAI

Federal Privacy Commissioner launches new guidance on workplace privacy

Cybersecurity: Best Practices for Setting Up a Security Operations Centre

Alberta IPC finds risk of significant harm from stolen server.

Updates to Chapter 3 for the Guide to FOIP and the Guide to LA FOIP are now available!

Steps for effectively deploying multi-factor authentication.

Concerns about AI


Privacy regulators call for legal framework limiting police use of facial recognition technology

May 3, 2022 - Diane Aldridge, Deputy Commissioner

Yesterday, the heads of Canada’s privacy protection authorities issued a joint statement recommending legislators develop a legal framework that establishes clearly and explicitly the circumstances in which police use of facial recognition may be acceptable.

In the joint statement, privacy regulators say a new legal framework for regulating police use of facial recognition technology should include:

  • A clear and explicit definition of the limited purposes for which police use of facial recognition would be authorized, and a list of prohibited uses. “No-go zones” should include a prohibition on any use of facial recognition that can result in mass surveillance.
  • Strict necessity and proportionality requirements. Legislation should require police use of facial recognition to be both necessary and proportionate for any given deployment of the technology.
  • Independent oversight. Police use of facial recognition technology should be subject to strong independent oversight. Oversight should include proactive engagement measures. Police should be required to obtain pre-authorization from an oversight body at the program level, or provide it with advance notice of a proposed use, before launching a facial recognition initiative.
  • Privacy rights and protections. Appropriate privacy protections should be put in place to mitigate risks to individuals, including measures to ensure the accuracy of information and placing limits on how long images can be retained in police databanks.

Released along with the joint statement is a guidance document to clarify police agencies’ privacy obligations relating to the use of facial recognition under the current legal framework.

Copies of both documents along with comments by the Ontario Privacy Commissioner are available at the following:

Categories: Blog

Back to Blog