On 7 August 2024, the Office of the Privacy Commissioner (OPC) provided an update on the consultation process for new rules for biometric processing, which includes facial recognition technology. The OPC publicly released draft rules for using biometrics, for consultation, in May and received 250 submissions from members of the public, businesses, government agencies and advocacy organisations giving their view.
Privacy Commissioner Michael Webster said, ‘Almost every one of the submissions from members of the public told us that people were concerned about the use of biometrics in New Zealand. There was broad support for the proposals in the exposure draft code.’
The feedback has informed the OPC of where it needs to review the policy proposals, which it has indicated will be done alongside other work that will include:
- The broad exclusion for health agencies.
- The exclusion of heartbeat biometrics (and how wearable devices are treated).
- How long agencies are given to bring their activities into compliance with any new code.
- Whether the components in the proportionality assessment will work well in real life.
- Clearing up how notice requirements will work, what the benefit of them is, and a few other small matters.
- Checking whether more exceptions may be necessary to make sure that any rules would be targeted at the high risk uses of biometrics, rather than the low risk beneficial uses of biometrics.
The Privacy Commissioner is considering the feedback and expects to announce his decision on whether he intends to go ahead with a code later this year. If the decision is to proceed, there will be a further opportunity for people to have their say on the code proposed during public consultation.
Read the full analysis of the Biometrics Report-Back here and more about biometrics and the consultation process and timeline here