Italy Institutes Partial Moratorium on Facial Recognition

November 15, 2022

On November 14, the Italian Data Protection Authority (DPA) issued a moratorium under the GDPR on the use of facial recognition technology (covered in English by Reuters) that will last at least until the end of 2023, and the DPA may choose to extend it further if laws regulating facial recognition are not enacted. The moratorium does not apply to the use of facial recognition “for investigations by the judiciary or prevention and repression of crimes”. The scope of that exception is not yet clear.

The DPA enacted the moratorium following an investigation into plans by the city of Lecce to deploy a facial recognition system. The DPA also announced an investigation into, and a moratorium on, the use of smart infrared glasses in Arezzo, where police planned to start using the technology to read license plates at night and interface the glasses with drivers’ license databases to verify drivers’ identities. 

EPIC has long advocated against government use of facial recognition technology. Recently, EPIC’s Senior Counsel Jeramie Scott testified before Congress on CBP’s use of facial recognition, and EPIC submitted an amicus brief to the New Jersey Court of Appeals on the bias and the potential for error when facial recognition is used for criminal investigations.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.