Transparency Seu electrònica

Facial Recognition

Facial recognition is a technology that uses artificial intelligence algorithms to identify or verify a person's identity using their facial image (face).

A person's face is personal data that, when processed using facial recognition technologies, becomes biometric data. Biometric data is a type of data that is particularly protected by data protection regulations.

Where is it used?

It is increasingly common to find facial recognition systems to access mobile phones, facilities and equipment; it can also be used for video surveillance and public safety purposes, criminal detection, emotion identification... In addition, some mobile applications use this system for playful purposes, such as transforming the user's face into an animal, a famous person, an older person, a person of a different gender, etc.

When can it be used in Europe?

European regulations determine that minimum personal data must be processed for the specific purpose and use the least intrusive technology that allows this purpose to be achieved. In addition, the processing of personal data must be based on one of the legal bases established in the General Data Protection Regulation (RGPD). In the case of biometric data, the protection is even more strengthened, so as a general rule it is prohibited to treat these types of data, except in the exceptional cases provided for in the law. When the legal basis for processing this data is explicit consent, this must be free, and this requires that the person has an alternative to obtain a certain product or service. In any case, the person whose data is being processed must be informed about the terms.

What are the risks?

Facial recognition systems are not foolproof and can generate negative effects, such as:

  • Discrimination and biases in the identification process.
  • Lack of reliability of the results (misidentification or verification).
  • Collection and use of data in a less transparent way.

Recommendations

  • Think twice before using a facial recognition system and evaluate the alternatives gived to you. The most comfortable is not always the best.
  • Learn who, how and for what your facial image will be processed. Specifically, you must be informed about the circumstances surrounding the processing of your data, including:
    • Who and what for your facial image will be used.
    • To whom will it be given?
    • How long will it be kept?
    • What rights do you have regarding this processing and where you can exercise them.
  • Remember that, if you consider that data protection rights are being violated, you can contact the Catalan Data Protection Authority.

Last update: 27.01.2026