Sweden’s Data Protection Authority (DPA) has allowed the country’s police to use facial recognition technology for identifying criminal suspects as it's "far more effective" at identifying perpetrators than manual identification by police. The Swedish police had requested an "advance decision" on if it could use facial recognition technology under Swedish laws. It had submitted an impact assessment to the DPA, stating that use of the technology does not pose any risk of intruding people’s privacy. How long can this data be stored for? The DPA didn't specify the time this, but said that the police should decide how long it needs to be stored before they implement this technology; as it's important from an “integrity” point of view, the DPA said. Processing of data: Under Sweden's Crime Data Act, it is “necessary” for a competent authority to be able to carry out the processing of personal data to perform its task effectively, the DPA said. It also said that such information can be processed at Sweden’s National Forensic Centre, and that the Crime Data Act has enough measures to protect processing of personal data. No mention of consent: Under EU’s General Data Protection Law (GDPR) processing of personal data is legal if consent is sought from the person whose data is being processed, among other conditions. The DPA's judgement doesn’t clarify the possible recourse in case a person denies his/her data consent for processing of their data. A similar judgement by a UK Court: It is worth noting that the High Court in…
