UK’s biometric advisory group recommends voice recognition regulator

The UK should establish new regulatory bodies for voice recognition to mitigate concerns such as bias, data collection without consent and lack of human oversight, according to recommendations from the Home Office’s Biometrics Forensics Ethics Group (BFEG).

On Monday, the government advisory body published a list of six recommendations designed to ensure that the technology is being used ethically. BFEG also warned that the use of voice recognition is rising but regulation and oversight in the UK are falling behind as the country discusses regulating other biometric technologies, including facial recognition.

The recommendations are part of a briefing note focusing on different voice recognition use-cases, including law enforcement surveillance and government secure portal log-ins.

The first recommendation from the public agency tackles a familiar problem among lawmakers – bias. Voice recognition models must be free of implicit biases against any groups of the population, the document states.

“This may be through an understanding and insight into the data used to train it, or through extensive and inclusive testing,” says BFEG.

The second recommendation concerns data: All audio recordings that have the potential to be used by voice recognition technology should be treated as containing biometric data and handled accordingly, according to the briefing note.

Recommendation No. 3 states that humans must have a clear role in overseeing voice recognition systems, while the fourth deals with deepfakes.

“Voice recognition use-cases must be underpinned by a clear and effective approach for spotting and excluding any voice samples that are not genuine, i.e., have been generated through spoofing or deepfake technology.”

Finally, the last two points recommend the establishment of an independent ethics group to assess and govern the use of voice recognition, as well as an independent regulator to ensure that the technology is deployed ethically.

Aside from recommendations, the briefing also analyzes a case study of the UK tax agency’s use of voice recognition to authenticate users. In 2029, His Majesty’s Revenue and Customs (HMRC) was ordered by the Information Commissioner’s Office (ICO) to delete five million user records because they were obtained without valid consent.

HMRC is currently developing a new voice biometrics ID process that complies with the Data Protection Act 2018.

The briefing note is based on inputs from the public sector, academia, civil society and industry players,such as Ingenium Biometrics, Intelligent Voice and Oxford Wave Research. The HMRC, the London Metropolitan Police, the ICO and the Equality and Human Rights Commission also participated as stakeholders.