Heathrow airport is developing a facial recognition check-in function

Heathrow airport will need to develop its biometric data processing function for identification purposes based on the collection of consent and explicit consent, the ICO says. Participating in the ICO’s Sandbox programme, which is a testbed for innovative ideas, Heathrow airport and the ICO examined the process of automating part of the passengers’ journey through the airport with an initiative that would enable passengers to confirm their identity without the need for an airline agent to check their identity document at subsequent stages through the airport.

This process would use Facial Recognition Technology (FRT) to verify the passengers’ identity from an ID source (document such as passport or an ID service) and create an ‘on the day image’. A template of the individual’s face would be created at the airport and matched against another template created from the individual’s passport image. “Biometric matching will then be used at subsequent touchpoints to prove it is still the same passenger without the requirement to provide documentation again, thus expediting the passenger’s journey through the Airport.”

The main findings are:

  • Heathrow would likely be considered a joint controller with each of their partner airlines.
  • Consent or explicit consent may be the most appropriate lawful basis and condition for the processing.

See ICO - Regulatory Sandbox Final Report: Heathrow Airport Ltd. - 18 page explanatory document.