The Greek police will reportedly deploy about 1,000 portable devices that will scan people’s faces during daily patrols and fetch identification reports from a central facial recognition system. This is scheduled for roll-out this summer, and the official goal is to make the verification process quicker and easier. However, since Greece is a country where GDPR (General Data Protection Regulation) applies, this introduces a host of complicating factors that concern privacy violation matters.
If you think that national data protection authorities object to this new “smart policing” system, or that the EU has expressed any concerns about it, you are way off. In fact, the European Commission has covered 75% of the project’s costs, which means that they would like to see it deployed and tested, and then push for its adoption across the EU. Again, the official reasoning given is to “strengthen preventive policing” and “prevent unnecessary suffering for citizens.”
There’s no mention of how the potential for abuse will be minimized, what aspects of the law are stretched or straight-out violated, and on what basis is the processing of biometric data going to take place. Right now, it’s clear that there’s no legal framework or presidential decree in existence to underpin such policing systems, so the Greek police can do whatever they want. This including storing, sharing, and further processing the collected data for as long as they like, leaving the citizens completely in the dark about it.
Even though the Greek Data Protection Authority did actually launch an investigation on the matter a while back, there’s no official word out yet. The relevant announcement only provides generic statements of assurance, serving no other purpose than to create the illusion that the matter is really being looked into.
In the meantime, the Greek police have already made it known that they’re planning to up the number of deployed devices to 9,000 soon after the testing period is over, so this is not going to be just a limited pilot.
Hank Schless, Senior Manager, Security Solutions at Lookout told us:
Seeing privacy-violating systems being tested in Europe - and in a context of a complete lack of regulation and central control - is worrying and alarming. Also, it is an indication of where things are going, or at least where the EU authorities would like to see them going. Hopefully, people will object to their deployment fiercely, and that we’ll see them retracted until strong privacy-protection laws are in place.