Britain’s data protection watchdog, the Information Commissioner’s Office (ICO), has issued a directive on Friday to outsourcing company Serco Group (SRP.L), instructing them to cease the usage of facial recognition technology and fingerprint scanning for monitoring employee attendance within its leisure division.
The ICO’s investigation revealed that Serco Leisure, along with Serco Jersey and seven associated community leisure trusts, had been unlawfully processing the biometric data of over 2,000 employees across 38 leisure facilities.
According to the ICO, employees were not given proactive alternatives to the mandatory facial and fingerprint scanning for clocking in and out of their workplaces, with the requirement being presented as indispensable for receiving payment.
A company spokesperson acknowledged the introduction of the technology nearly five years ago based on external legal counsel and highlighted its positive reception among colleagues.
They stated, “We take this matter seriously and confirm we will fully comply with the enforcement notice.”
Serco, listed on the London Stock Exchange, delivers services in defence, security, immigration, health, and transportation sectors for various governments.
The ICO’s intervention underscores the importance of adhering to data protection regulations, especially concerning sensitive biometric data.
This move aligns with the broader regulatory efforts in Britain to safeguard individual privacy and ensure responsible handling of personal information in corporate environments.
Serco’s swift commitment to compliance reflects an understanding of the gravity of the situation and the necessity to uphold legal and ethical standards in their operations.
As technology evolves and privacy concerns intensify, businesses must remain vigilant in their approach to data management to maintain trust and integrity with both employees and regulatory authorities.