NHS Digital, iProov facial recognition deal raises transparency concerns

Occurred: September 2021

A contract between the UK's NHS Digital and private tech company, iProov, to collect and store facial verification data via the NHS app raised concerns about transparency and accountability.

iProov’s technology is used to ensure people are genuinely present when using NHS login to access the NHS App. The process involves new users recording a video of their face, which is then sent to iProov to compare the facial data with anonymised photo IDs held by the government.

However, privacy campaigners called for transparency on how data is used and stored. The contract between iProov and NHS Digital was not published, reportedly for "security reasons". This decision was criticised as "unnecessarily undermining trust".

Despite assurances from both iProov and NHS Digital that app users’ biometric data is anonymised and guarded via the best possible security protection, digital rights and privacy campaigners expressed concerns about the secrecy surrounding iProov’s use of data. They argued that anyone who sends personal information to a private company, at the encouragement of the NHS, has a right to know exactly what happens to their data.

This controversy highlighted the ethical implications of data privacy and the need for transparency and accountability in the use of facial recognition technology, especially in the public service.

➕ September 2021. The Guardian reported on iProov's close links with the UK's ruling Conservative Party, to which two of its directors donated.

Operator: NHS Digital
Developer: iProov
Country: UK
Sector: Gov - Health
Purpose: Store facial verification data
Technology: Facial recognition
Issue: Privacy; Security
Transparency: Governance; Privacy

Page info
Type: Issue
Published: September 2021
Last updated: June 2024