Britain's biometrics commissioners warn that regulatory frameworks are failing to keep pace with rapidly expanding AI facial recognition deployments by police forces. The watchdogs say the technology is less effective than claimed and demand new laws to govern its use.
The UK's biometrics oversight bodies have raised alarm over the lack of national regulation governing police use of AI-powered facial recognition systems. Their warning comes as forces like the Metropolitan Police significantly expand deployment of live face-scanning technology.
The Problem
According to commissioners, current oversight mechanisms are inadequate to manage the technology's growth. They contend that face-scanning systems are not as reliable as publicly claimed and operate without sufficient legal safeguards.
The watchdogs point to documented cases where the technology has produced false identifications, with innocent shoppers and citizens wrongly flagged by facial recognition systems. These errors highlight the gap between claimed accuracy rates and real-world performance.
Regulatory Gaps
Britain lacks comprehensive legislation specifically governing facial recognition use by law enforcement. Existing data protection and surveillance laws were written before this technology became widespread, leaving significant regulatory blind spots.
The commissioners argue that new laws are essential to establish clear rules around:
- When and where facial recognition can be deployed
- Accuracy standards systems must meet
- Transparency requirements for affected individuals
- Appeal and correction mechanisms for misidentifications
Expanding Use
Meanwhile, police adoption continues accelerating. The Metropolitan Police has nearly doubled its facial recognition operations, and other forces are following suit. This expansion occurs without corresponding regulatory oversight or public consultation frameworks.
Next Steps
The watchdogs' warning signals mounting pressure for legislative action. As facial recognition technology becomes embedded in policing operations, the regulators stress that oversight cannot continue to lag behind deployment.
Their call for new regulations reflects broader global concerns about biometric surveillance and the need for robust safeguards protecting citizens from misidentification and privacy violations.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.