The GDPR in the school bench. Processing of biometric data
The Personal Data Protection Office organized an on-line lecture for representatives of the education sector on April 28th, 2021. This time the main topic of the meeting was the processing of biometric data.
The announced lecture was addressed only to the directors and teachers of schools and educational institutions participating in the 11th edition of the UODO educational program for schools "Your data – Your concern".
The webinar discussed key issues related to the processing of biometric data. Experts from the Personal Data Protection Office explained why special care should be taken when schools process personal data of children, which should be particularly protected. Based on the analysis of current cases as well as regulations and guidelines, the UODO experts indicated what to pay attention to when processing biometric data.
Biometric data means personal data that results from specific technical processing, relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data [Art. 4 (14) of the GDPR].
Due to the uniqueness and stability of biometric data, which translates into their invariability over time, the use of biometric data should be carried out with particular care and caution. A possible leakage of biometric data is likely to result in a high risk to the rights and freedoms of natural persons. This applies in particular to children's biometric data, as the decision to share this type of child's data by legal guardians and their possible leakage will not be reversible in time, even after the child reaches the age of majority.
Recording of the lecture is presented below: