UK against the use of biometrics in the workplace: the Serco case and the ICO decision

[Joywtome231]

The risks and benefits of biometrics need to be discussed and understood. The UK ICO ’s decision to ban Serco from using biometrics in the workplace signals a pivotal moment for employee privacy and the regulation of sensitive data. Find out more about how this prompts action here.

The case
On 23 February 2024, the Information Commissioner's Office (ICO), the UK's data malta phone number library protection authority, ordered Serco Leisure Operating Limited (Serco), a company that operates leisure facilities, to stop using facial recognition and fingerprint scanning technology to monitor employee attendance and calculate payroll.

Serco began using the technology in 2017 across 38 of its leisure facilities. The company said it had adopted the method because previous systems were easy to manipulate, which had led to abuse by some staff. However, the ICO ruled that the company did not have a proper legal basis for using biometric data. The company was accused of breaching several UK data protection rules. The company was then ordered to immediately stop using biometric data and destroy all information it had collected.

The ICO (an understanding that is gaining ground in Europe and is likely to spread here) emphasized that the use of biometric data is only justifiable if there are no less intrusive alternatives available. In addition, employee privacy must be considered, and they must be clearly informed about their options and rights.