Biometrics Commissioner Bill passes final stage
Legislation to provide for the oversight of how policing bodies take, use and dispose of data such as fingerprints, DNA samples and facial images, has passed its final stage at the Scottish Parliament.
MSPs approved, by 110 voted to nil, the Scottish Biometrics Commissioner Bill, which will ensure that the police’s approach to biometric data, including the potential use of new technologies such as facial recognition software, is carried out in a lawful, effective, proportionate and ethical way.
The Commissioner will be appointed by and accountable to Parliament. Creation of the office was recommended in a report by solicitor advocate John Scott QC. The Commissioner will prepare a code of practice to provide guidance and information on good practice for obtaining, using, holding and destroying biometric data for Police Scotland, the Scottish Police Authority and the Police Investigations and Review Commissioner. They will be responsible for enforcing compliance with the code, and in serious cases could report failure to adhere to it to the Court of Session.
The bill will also establish a complaints procedure for members of the public who may have concerns about how their data is being collected, held, disposed of and used, and an independent advisory group to provide advice to the new Commissioner.
A review of the Commissioner's role and remit will be reviewed every five years to ensure the legislation and processes keep up-to-date with technological advances.
During the stage 3 debate, MSPs from all parties commented on the consensual nature of the debate and the constructive approach when opposition amendments were put forward and discussed with the Scottish Government.
Justice Secretary Humza Yousaf commented after the vote: “It is important that we equip Scotland’s police officers with the necessary technology to ensure they can continue to keep people safe. At the same time, it is important that the public has absolute confidence in those technological advances and how their data will be collected or retained.”