Balancing privacy with biometric techniques in a commercial context

29 January 2020

Macquarie Group, London



Date: 29 January 2020
Times: 09.00 - 09.30 - Registration 
09.30 - 16.30 - Roundtable, Networking Lunch included
Location: Macquarie Group, London
Host: Olga Ganopolsky, General Counsel - Privacy and Data, Macquarie Group, Australia

A one day Roundtable for companies to exchange experience on how they are implementing and using biometric techniques in different scenarios and plan to use them in the future.

Facial recognition is a common example of a biometric technique and attracts the attention of privacy regulators to its use in public areas, such as railway stations and to help verify identity. Meanwhile companies are increasingly using voice or facial recognition and other biometric techniques in a variety of commercial and employment related contexts such as attendance in the workplace and fraud prevention in financial services.

While the technology is constantly developing, the question facing companies, as always, is just because a technique can be developed, what are, and should be, the legal and ethical constraints on its use? Informing customers and staff of use of biometric techniques is necessary and has a preventative role. What would privacy regulators regard as achieving a fair balance between use of a technique to reduce fraud and fairness to customers? How have different companies approached this subject?

Explore current practice to assess what is not only lawful but also learn about fair collection and use of personal data in different company contexts.

An Onfido Director (one of the 10 ICO sandbox participating organisations) together with a member of the Onfido research team, will speak on algorithmic bias in biometric identification.

A follow-up report will be produced by the PL&B editorial team after the Roundtable summarising the issues and action points on a non-attributable basis for distribution to the group.

6 SRA CPD hours and 6 CPE credits available

Places are limited to facilitate discussion in a relaxed atmosphere.


  Early Bird Rate
Until 6 December
Standard Rate
From 7 December
Single registration, price per person £250 + VAT £350 + VAT

To register click BOOK NOW at the top of this page or email

Programme Overview


  1. Which biometric techniques are most used to verify identity or other purposes matters related to:
    • the workplace?
    • customers?
  2. Which biometric techniques third party service providers are you planning on using in the next 3 years?
  3. How do you navigate through the various third-party related privacy issues?
    • Choice of provider
    • Compliant contracts 
    • Data security 
    • Data Protection by Default as a criterion for selection
    • Data Protection Impact Assessment as a criterion for selection 
    • Use of data and purpose limitation
    • Period of retention of data
    • De-identification and destruction of data
    • Other
  4. How have you assessed the GDPR applying to biometric technologies?
  5. What, if any, specific legal issues are related to specific biometric technologies including, identification techniques?
    • Facial recognition
    • Voice recognition
    • Iris recognition
    • Gait
    • Keyboard and mouse patterns
    • Other
  6. To what extent does Artificial Intelligence help any of the processes, including the verification process?
  7. Have labour unions, works councils, and/or privacy advocates opposed the introduction of biometric technologies, including for identification purposes, in your organisation or wish to limit its use?
    • If so, on which grounds?
    • Have any harms been identified? 
    • If so, which harms?
  8. How have you planned, or will you plan, to address these concerns?
  9. To what extent can consent be freely given and informed in this context?
  10. What other privacy legal issues arise? How have you dealt with them?
  11. A case study from the ICO’s sandbox programme with comments from at least one sandbox member company.
  12. Identify legal issues, ethical or commercial/risk considerations in specific jurisdictions.
  13. Action points in general and in specific jurisdictions.