Madelaine Harrington and Stacy Young of Covington and Burling write:
On June 5, 2025, the UK’s Information Commissioner’s Office (“ICO”) launched its new AI and biometrics strategy. The strategy aims to increase its scrutiny of AI and biometric technologies focusing on three priority situations, namely where: stakes are high; there is clear public concern for the technology; and regulatory clarity can provide immediate impact.
The ICO identified three areas of focus in its strategy:
- Transparency and explainability, i.e., when and how the technologies affect people;
- Bias and discrimination, particularly where the technologies have been trained on “flawed, incomplete or unrepresentative information”; and
- Rights and redress, i.e., making sure that systems are accurate, appropriate safeguards are in place to protect people’s rights, and that there are ways to challenge and correct outcomes that result in harm.
The ICO’s new strategy builds on its previous work on both AI and biometric technologies. Past work includes, among other things: the ICO’s AI Tools in recruitment audit outcomes report; its consultation series on Generative AI; and its guidance on AI and data protection (discussed in our previous blogpost here). The ICO has also published biometric data guidance and conducted various studies on the privacy implications of biometric technologies.
Read more about the details of the ICO’s new strategy at Inside Privacy.