{"id":10642,"date":"2025-05-26T14:20:51","date_gmt":"2025-05-26T12:20:51","guid":{"rendered":"https:\/\/s8.tgin.eu\/?p=10642"},"modified":"2025-05-26T14:20:52","modified_gmt":"2025-05-26T12:20:52","slug":"comparing-the-uk-and-eu-framework-on-facial-recognition-technology","status":"publish","type":"post","link":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/","title":{"rendered":"Comparing the UK and EU\u2019s framework on facial recognition technology"},"content":{"rendered":"\n<p>As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced <strong>Remote Biometric Identification (RBI)<\/strong>, specifically in the form of <strong>Facial Recognition Technology (FRT), <\/strong>are currently at the centre of discussion. RBI refers to the use of artificial intelligence to identify individuals from a distance. The identification is possible as AI works to match the biometric features stored in a database with the features recorded from a device capable of remotely capturing said data. FRT is a type of RBI, focusing on the use of unique facial features and comparing them to data from a digital image or video e.g. CCTV footage.&nbsp;&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What does this mean around the world?<\/h2>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\"><div class=\"wp-block-image is-style-rounded\">\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" width=\"678\" height=\"1024\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-678x1024.jpg\" alt=\"\" class=\"wp-image-10648\" style=\"width:463px;height:auto\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-678x1024.jpg 678w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-199x300.jpg 199w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-768x1160.jpg 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-1017x1536.jpg 1017w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-1356x2048.jpg 1356w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-ekrulila-3837494-scaled.jpg 1696w\" sizes=\"(max-width: 678px) 100vw, 678px\" \/><\/figure>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<p>Countries such as the United States and United Kingdom are increasingly moving towards reliance on these technologies. Countries in the EU are also recording findings of some trial projects related to the use of Facial Recognition Technology. However, as the technology continues evolving and becomes increasingly more widespread, concerns arise in relation to potential consequences of using said technologies. A majority of concerns focus on <a href=\"https:\/\/assets.publishing.service.gov.uk\/media\/5f229fa5e90e071a56f934fb\/Facial_Recognition_Technology_Snapshot_UPDATED.pdf\">biases and consequences in relation to law enforcement<\/a>. In addition, concerns with regard to all individuals\u2019 privacy rights are also at the forefront of the discussion, including:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Whether an indiscriminate recording of all individuals captured by cameras is aligned with the principle of <em>data minimization;<\/em><\/li>\n\n\n\n<li>Concerns on the <em>lawfulness and transparency <\/em>of the use of said technology, as further discussed below; and<\/li>\n\n\n\n<li>Appropriate processing of <em>special categories of personal data <\/em>in accordance with legal requirements.&nbsp;<\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n\n\n<p>Both <a href=\"https:\/\/techgdpr.com\/consultancy\/achieve-gdpr-compliance\/\">the GDPR<\/a> and its UK equivalent (the \u2018UK-GDPR&#8217;) provide for some legal framework setting standards for the use of this technology. However, the departure of the UK from the EU in 2020 means that the two jurisdictions are now implementing entirely different approaches when it comes to the use of Artificial Intelligence. This blog post analyses said differences, and the implications thereof, with a focus on FRTs.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The history of public surveillance systems in the EU and the UK<\/h2>\n\n\n\n<p>Looking at the history of implementation of public surveillance systems in the EU and in the UK, sets the stage to highlight the difference in framework that applies to this day.&nbsp;<\/p>\n\n\n\n<p>Public authorities and private actors have implemented video surveillance as one of the measures to ensure security <a href=\"https:\/\/www.researchgate.net\/publication\/372849031_The_Evolution_of_Public_Surveillance_Systems_in_Europe\">since the middle of the 20th century<\/a>. Camera systems such as CCTV have been increasingly appearing in UK cities since the 1950s, and have progressively evolved technologically. As a result, we are now at the point where South London will be installing its <a href=\"https:\/\/www.biometricupdate.com\/202503\/london-to-introduce-permanent-live-facial-recognition-cameras\">first permanent facial recognition cameras<\/a>.<\/p>\n\n\n\n<p>Similarly, Germany saw its <a href=\"https:\/\/www.researchgate.net\/publication\/372849031_The_Evolution_of_Public_Surveillance_Systems_in_Europe\">first shift in the usage of cameras<\/a> for public security reasons in the 1960s.&nbsp; By the 2000s, the majority of large European cities were deploying CCTV systems.<\/p>\n\n\n\n<p>However, based on this history and according to researchers, the evolution in technical capabilities of CCTV and its respective use in the EU has always lagged behind that of the UK. One of the reasons for this was a <a href=\"https:\/\/www.researchgate.net\/publication\/372849031_The_Evolution_of_Public_Surveillance_Systems_in_Europe\">lack of constitutional protections for the right of privacy<\/a>. Meanwhile, EU countries have demonstrably had a <a href=\"https:\/\/www.researchgate.net\/publication\/372849031_The_Evolution_of_Public_Surveillance_Systems_in_Europe\">stricter approach to privacy<\/a> even prior to the Data Protection Directive passed in 1995. The EU has implemented further protective measures since, such as the <a href=\"https:\/\/eur-lex.europa.eu\/eli\/reg\/2024\/1689\/oj\/eng\">AI Act<\/a>.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How does the use of facial recognition change between the EU and the UK?<\/h2>\n\n\n\n<p>While both jurisdictions use Facial Recognition Technology with the goal of enhancing public and national security, they differ vastly in how extensively they have applied it in practice.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<p>The main difference is in its application, which is in turn related to the current regulatory differences. In the EU, current deployments of RBI systems are primarily experimental and localised. <a href=\"https:\/\/extranet.greens-efa.eu\/public\/media\/file\/1\/7297\">Examples of case studies<\/a> include Facial Recognition Cameras at Brussels Airport, Facial Recognition at Hamburg G20, and the DragonFly Project in Hungary. There is currently no example of fully implemented and permanent FRT or RBI systems in the EU.<\/p>\n\n\n\n<p>Additionally, the UK\u2019s implementation of such systems is a current point of discourse across the country. As an example, part of MET police deployment policy for <a href=\"https:\/\/www.met.police.uk\/SysSiteAssets\/media\/downloads\/force-content\/met\/advice\/lfr\/policy-documents\/lfr-policy-document2.pdf\"><em>overt implementation of live facial recognition<\/em><\/a><em> to locate people on a Watchlist<\/em> is to be able to implement Live Facial Recognition onto \u201chotspots\u201d for a number of crimes, ranging from theft and drugs to terrorism and human trafficking.&nbsp;<\/p>\n\n\n\n<p>Additionally, the use has extended to private companies, <a href=\"https:\/\/www.biometricupdate.com\/202504\/privacy-regulators-weigh-in-as-retailers-turn-to-frt-to-fight-shoplifting\">such as the retail and hospitality sector<\/a>, to take advantage of the technology to enhance security and prevent theft and revenue loss.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\"><div class=\"wp-block-image is-style-rounded\">\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" width=\"683\" height=\"1024\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-683x1024.jpg\" alt=\"\" class=\"wp-image-10650\" style=\"width:388px;height:auto\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-683x1024.jpg 683w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-200x300.jpg 200w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-768x1152.jpg 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-1024x1536.jpg 1024w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-1365x2048.jpg 1365w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090253-scaled.jpg 1707w\" sizes=\"(max-width: 683px) 100vw, 683px\" \/><\/figure>\n<\/div><\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Regulatory similarities<\/h2>\n\n\n\n<p>In both the EU and the UK, the GDPR regulates the usage of all data processing technologies, including Facial Recognition Technology. The UK also implemented the regulation at national level with the Data Protection Act 2018. Therefore, a number of legal requirements, and issues of public concern are common for both jurisdictions:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Data needs to be processed lawfully, fairly and in a transparent manner. Where <em>public interest<\/em> can be an applicable legal base for public authorities and law enforcement (albeit not without justification). However, private companies are required to jump through more hurdles to justify the necessity and proportionality, and outright lawfulness, of the use of FRTs, typically under <em>legitimate interest;<\/em><\/li>\n\n\n\n<li>Processing of biometric data means that <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679\">Art. 9<\/a><em> special categories of personal data <\/em>are being processed, adding an extra layer to the lawfulness argument. Such categories of data can only be processed pursuant to one of the exceptions listed in the Article 9. Again, reliance on <em>substantial public interest <\/em>could be an option, but not without having to make a balancing exercise, which leads to: the requirement to carry out a Data Protection Impact Assessment in accordance with Art. 35.3, where the usage of said technology arguably meets all 3 criteria;<\/li>\n\n\n\n<li><a href=\"https:\/\/policyreview.info\/articles\/analysis\/data-governance-risks-facial-recognition\">Further considerations<\/a> and concerns include breaches to the principles of <em>purpose <\/em>and <em>storage limitation, <\/em>and <em>data minimisation.&nbsp;<\/em><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">What is the regulatory approach to facial recognition in the EU?<\/h2>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\"><div class=\"wp-block-image is-style-rounded\">\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" width=\"682\" height=\"1024\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-682x1024.jpg\" alt=\"\" class=\"wp-image-10652\" style=\"width:399px;height:auto\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-682x1024.jpg 682w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-200x300.jpg 200w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-768x1152.jpg 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-1024x1536.jpg 1024w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-1365x2048.jpg 1365w, https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg 1706w\" sizes=\"(max-width: 682px) 100vw, 682px\" \/><\/figure>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<p>However, in the EU, the newly implemented AI Act regulates the specific usage of <a href=\"https:\/\/eur-lex.europa.eu\/eli\/reg\/2024\/1689\/oj\/eng\"><em>real-time remote biometric identification systems<\/em> in its Article 5<\/a>. The article outright bans the use of <em>AI systems that create or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage<\/em> and <em>the use of \u2018real-time\u2019 remote biometric identification systems in publicly accessible spaces for the purposes of law enforcement, <\/em>although the latter comes with exceptions. These include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Search for abducted individuals, and victims of human trafficking and sexual exploitation;<\/li>\n\n\n\n<li>Prevention of a <em>specific, substantial and imminent <\/em>threat to life or threat of terrorism; and<\/li>\n\n\n\n<li>Localisation of a person suspected to have committed a criminal offence listed in Annex 2 of the Act (which does not include property damage, theft and\/or burglary).&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Said exceptions, however, must still take into account rights and freedoms of the individuals involved. Additionally, Article 27 of the AI Act require a fundamental rights impact assessment and law enforcement authorities registering the system in the EU database according to Article 49.<\/p>\n<\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">How does the regulation framework differ in the UK?<\/h2>\n\n\n\n<p>Since its departure from the EU due to Brexit, the regulation of such technologies in the UK is entirely different. There is currently no AI-specific regulation in place. UK Parliament is currently discussing the only related legislation for the usage of such technologies, namely the <a href=\"https:\/\/dspace.stir.ac.uk\/retrieve\/acd5eeaf-9ab5-4f62-a97e-5c41fea0aace\/Fussy%20and%20Webster%20for%20IP%202023%20Final%20Draft.pdf\">Data Protection and Digital Information Bill<\/a>. <\/p>\n\n\n\n<p>Importantly, the draft of this bill demonstrates how the UK\u2019s approach is opposite to that of the EU, possibly leading to less regulation. For example, through the abolishment of the Biometrics and Surveillance Camera Commissioner (BSCC). The underlying argument is that the removal of this office, in a period of fast technological change, will result in <a href=\"https:\/\/dspace.stir.ac.uk\/retrieve\/acd5eeaf-9ab5-4f62-a97e-5c41fea0aace\/Fussy%20and%20Webster%20for%20IP%202023%20Final%20Draft.pdf\">the loosening of safeguards designed to raise standards and protect citizens<\/a>, and may ultimately result in the deployment of technologies that are not in the public interest.&nbsp;<\/p>\n\n\n\n<p>That is not to say that the use of said technologies will go entirely unchecked. The Information Commissioner Office made a statement about the usage of said technologies and calls for the responsible and lawful use of Facial Recognition Technology, and published guidance on appropriate use of <a href=\"https:\/\/ico.org.uk\/for-organisations\/uk-gdpr-guidance-and-resources\/lawful-basis\/biometric-data-guidance-biometric-recognition\/biometric-recognition\/#whatdoyou\"><em>Biometric recognition systems<\/em><\/a><em>. <\/em>However, the guidance still relies on mostly GDPR-based principles and rules. It does not add anything new to the conversation on the increased use of FRTs by law enforcement agencies or private companies, which might have legal implications for individuals. Therefore, the status quo remains that in comparison with the EU, the UK remains a regulatory sandbox for the use of such technologies. As a result, <a href=\"https:\/\/policyreview.info\/articles\/analysis\/data-governance-risks-facial-recognition\">concerns arise<\/a> about the ways this compliance vacuum could be exploited and relevant risk for individuals.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Looking forward<\/h2>\n\n\n\n<p>Despite the technology being substantially more regulated in the EU, there is still criticism on the general use of FRTs, even with the existence of the GDPR and AIA rules in relation to the technologies. The <a href=\"https:\/\/edri.org\/our-work\/remote-biometric-identification-a-technical-legal-guide\/\">vagueness of the definitions in the AI act<\/a>, the changes made to the AI Act draft from an outright ban for the technologies to an approach with \u201cexceptions\u201d and the lack of clarity on the implementation of these technologies by private companies outside of law enforcement agencies.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced Remote Biometric Identification (RBI), specifically in the form of Facial Recognition Technology (FRT), are currently at the centre of discussion. RBI refers to [&hellip;]<\/p>\n","protected":false},"author":27,"featured_media":10652,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[8,88,299],"tags":[51,120,252,126,58],"class_list":["post-10642","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai","category-gdpr","category-uk-gdpr","tag-artificial-intelligence","tag-biometric-data","tag-biometrics","tag-dpia","tag-gdpr-compliance"],"acf":[],"featured_image_urls":{"full":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg",1706,2560,false],"thumbnail":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-150x150.jpg",150,150,true],"medium":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-200x300.jpg",200,300,true],"medium_large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-768x1152.jpg",640,960,true],"large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-682x1024.jpg",640,961,true],"1536x1536":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-1024x1536.jpg",1024,1536,true],"2048x2048":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-1365x2048.jpg",1365,2048,true],"image-200-200":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-200x200.jpg",200,200,true]},"post_excerpt_stackable":"<p>As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced Remote Biometric Identification (RBI), specifically in the form of Facial Recognition Technology (FRT), are currently at the centre of discussion. RBI refers to the use of artificial intelligence to identify individuals from a distance. The identification is possible as AI works to match the biometric features stored in a database with the features recorded from a device capable of remotely capturing said data. FRT is a type of&hellip;<\/p>\n","category_list":"<a href=\"https:\/\/techgdpr.com\/blog\/category\/ai\/\" rel=\"category tag\">Artificial Intelligence<\/a>, <a href=\"https:\/\/techgdpr.com\/blog\/category\/gdpr\/\" rel=\"category tag\">GDPR<\/a>, <a href=\"https:\/\/techgdpr.com\/blog\/category\/uk-gdpr\/\" rel=\"category tag\">UK GDPR<\/a>","author_info":{"name":"Edda Pernice","url":"https:\/\/techgdpr.com\/blog\/author\/edda\/"},"comments_num":"0 comments","featured_image_urls_v2":{"full":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg",1706,2560,false],"thumbnail":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-150x150.jpg",150,150,true],"medium":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-200x300.jpg",200,300,true],"medium_large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-768x1152.jpg",640,960,true],"large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-682x1024.jpg",640,961,true],"1536x1536":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-1024x1536.jpg",1024,1536,true],"2048x2048":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-1365x2048.jpg",1365,2048,true],"image-200-200":["https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-200x200.jpg",200,200,true]},"post_excerpt_stackable_v2":"<p>As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced Remote Biometric Identification (RBI), specifically in the form of Facial Recognition Technology (FRT), are currently at the centre of discussion. RBI refers to the use of artificial intelligence to identify individuals from a distance. The identification is possible as AI works to match the biometric features stored in a database with the features recorded from a device capable of remotely capturing said data. FRT is a type of&hellip;<\/p>\n","category_list_v2":"<a href=\"https:\/\/techgdpr.com\/blog\/category\/ai\/\" rel=\"category tag\">Artificial Intelligence<\/a>, <a href=\"https:\/\/techgdpr.com\/blog\/category\/gdpr\/\" rel=\"category tag\">GDPR<\/a>, <a href=\"https:\/\/techgdpr.com\/blog\/category\/uk-gdpr\/\" rel=\"category tag\">UK GDPR<\/a>","author_info_v2":{"name":"Edda Pernice","url":"https:\/\/techgdpr.com\/blog\/author\/edda\/"},"comments_num_v2":"0 comments","yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Comparing the UK and EU\u2019s framework on facial recognition technology<\/title>\n<meta name=\"description\" content=\"Analyzing the EU and UK&#039;s different regulatory frameworks to explain the vast difference in usage of facial recognition technology.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Comparing the UK and EU\u2019s framework on facial recognition technology\" \/>\n<meta property=\"og:description\" content=\"Analyzing the EU and UK&#039;s different regulatory frameworks to explain the vast difference in usage of facial recognition technology.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/\" \/>\n<meta property=\"og:site_name\" content=\"TechGDPR\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-26T12:20:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-26T12:20:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1706\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Edda Pernice\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@techgdpr\" \/>\n<meta name=\"twitter:site\" content=\"@techgdpr\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Edda Pernice\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/\"},\"author\":{\"name\":\"Edda Pernice\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/person\\\/3a6fbe902f60d5a48b40d4ee8eea87b1\"},\"headline\":\"Comparing the UK and EU\u2019s framework on facial recognition technology\",\"datePublished\":\"2025-05-26T12:20:51+00:00\",\"dateModified\":\"2025-05-26T12:20:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/\"},\"wordCount\":1548,\"publisher\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/pexels-cottonbro-8090260-scaled.jpg\",\"keywords\":[\"Artificial Intelligence\",\"biometric data\",\"Biometrics\",\"DPIA\",\"GDPR Compliance\"],\"articleSection\":[\"Artificial Intelligence\",\"GDPR\",\"UK GDPR\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/\",\"name\":\"Comparing the UK and EU\u2019s framework on facial recognition technology\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/pexels-cottonbro-8090260-scaled.jpg\",\"datePublished\":\"2025-05-26T12:20:51+00:00\",\"dateModified\":\"2025-05-26T12:20:52+00:00\",\"description\":\"Analyzing the EU and UK's different regulatory frameworks to explain the vast difference in usage of facial recognition technology.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#primaryimage\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/pexels-cottonbro-8090260-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/pexels-cottonbro-8090260-scaled.jpg\",\"width\":1706,\"height\":2560},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/techgdpr.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Comparing the UK and EU\u2019s framework on facial recognition technology\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#website\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/\",\"name\":\"TechGDPR\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/techgdpr.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\",\"name\":\"TechGDPR\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/staging.techgdpr.com\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/TGDPR_logo_500px.png\",\"contentUrl\":\"https:\\\/\\\/staging.techgdpr.com\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/TGDPR_logo_500px.png\",\"width\":501,\"height\":334,\"caption\":\"TechGDPR\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/techgdpr\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/techgdpr\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/person\\\/3a6fbe902f60d5a48b40d4ee8eea87b1\",\"name\":\"Edda Pernice\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/Edda_OF_2399_700-150x150.jpg\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/Edda_OF_2399_700-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/Edda_OF_2399_700-150x150.jpg\",\"caption\":\"Edda Pernice\"},\"description\":\"Edda is a University of Reading law graduate and obtained her Master's degree in International Technology Law from the Vrije Universiteit in Amsterdam, with previous paralegal and contract consultant experience, and CIPP\\\/E certified. She joined the TechGDPR team as a data protection trainee and is currently a Associate Data Protection Consultant.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/edda-pernice-3174a4177\\\/\"],\"url\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/author\\\/edda\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Comparing the UK and EU\u2019s framework on facial recognition technology","description":"Analyzing the EU and UK's different regulatory frameworks to explain the vast difference in usage of facial recognition technology.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/","og_locale":"en_US","og_type":"article","og_title":"Comparing the UK and EU\u2019s framework on facial recognition technology","og_description":"Analyzing the EU and UK's different regulatory frameworks to explain the vast difference in usage of facial recognition technology.","og_url":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/","og_site_name":"TechGDPR","article_published_time":"2025-05-26T12:20:51+00:00","article_modified_time":"2025-05-26T12:20:52+00:00","og_image":[{"width":1706,"height":2560,"url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg","type":"image\/jpeg"}],"author":"Edda Pernice","twitter_card":"summary_large_image","twitter_creator":"@techgdpr","twitter_site":"@techgdpr","twitter_misc":{"Written by":"Edda Pernice","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#article","isPartOf":{"@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/"},"author":{"name":"Edda Pernice","@id":"https:\/\/techgdpr.com\/#\/schema\/person\/3a6fbe902f60d5a48b40d4ee8eea87b1"},"headline":"Comparing the UK and EU\u2019s framework on facial recognition technology","datePublished":"2025-05-26T12:20:51+00:00","dateModified":"2025-05-26T12:20:52+00:00","mainEntityOfPage":{"@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/"},"wordCount":1548,"publisher":{"@id":"https:\/\/techgdpr.com\/#organization"},"image":{"@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#primaryimage"},"thumbnailUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg","keywords":["Artificial Intelligence","biometric data","Biometrics","DPIA","GDPR Compliance"],"articleSection":["Artificial Intelligence","GDPR","UK GDPR"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/","url":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/","name":"Comparing the UK and EU\u2019s framework on facial recognition technology","isPartOf":{"@id":"https:\/\/techgdpr.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#primaryimage"},"image":{"@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#primaryimage"},"thumbnailUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg","datePublished":"2025-05-26T12:20:51+00:00","dateModified":"2025-05-26T12:20:52+00:00","description":"Analyzing the EU and UK's different regulatory frameworks to explain the vast difference in usage of facial recognition technology.","breadcrumb":{"@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#primaryimage","url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg","contentUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2025\/05\/pexels-cottonbro-8090260-scaled.jpg","width":1706,"height":2560},{"@type":"BreadcrumbList","@id":"https:\/\/techgdpr.com\/blog\/comparing-the-uk-and-eu-framework-on-facial-recognition-technology\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/techgdpr.com\/"},{"@type":"ListItem","position":2,"name":"Comparing the UK and EU\u2019s framework on facial recognition technology"}]},{"@type":"WebSite","@id":"https:\/\/techgdpr.com\/#website","url":"https:\/\/techgdpr.com\/","name":"TechGDPR","description":"","publisher":{"@id":"https:\/\/techgdpr.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/techgdpr.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/techgdpr.com\/#organization","name":"TechGDPR","url":"https:\/\/techgdpr.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/#\/schema\/logo\/image\/","url":"https:\/\/staging.techgdpr.com\/wp-content\/uploads\/2018\/04\/TGDPR_logo_500px.png","contentUrl":"https:\/\/staging.techgdpr.com\/wp-content\/uploads\/2018\/04\/TGDPR_logo_500px.png","width":501,"height":334,"caption":"TechGDPR"},"image":{"@id":"https:\/\/techgdpr.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/techgdpr","https:\/\/www.linkedin.com\/company\/techgdpr"]},{"@type":"Person","@id":"https:\/\/techgdpr.com\/#\/schema\/person\/3a6fbe902f60d5a48b40d4ee8eea87b1","name":"Edda Pernice","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/wp-content\/uploads\/2024\/03\/Edda_OF_2399_700-150x150.jpg","url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2024\/03\/Edda_OF_2399_700-150x150.jpg","contentUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2024\/03\/Edda_OF_2399_700-150x150.jpg","caption":"Edda Pernice"},"description":"Edda is a University of Reading law graduate and obtained her Master's degree in International Technology Law from the Vrije Universiteit in Amsterdam, with previous paralegal and contract consultant experience, and CIPP\/E certified. She joined the TechGDPR team as a data protection trainee and is currently a Associate Data Protection Consultant.","sameAs":["https:\/\/www.linkedin.com\/in\/edda-pernice-3174a4177\/"],"url":"https:\/\/techgdpr.com\/blog\/author\/edda\/"}]}},"_links":{"self":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/10642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/comments?post=10642"}],"version-history":[{"count":9,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/10642\/revisions"}],"predecessor-version":[{"id":10661,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/10642\/revisions\/10661"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/media\/10652"}],"wp:attachment":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/media?parent=10642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/categories?post=10642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/tags?post=10642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}