The Danish Data Protection Authority has – following an application from FC Copenhagen – granted permission for the club to use facial recognition at FC Copenhagen football matches.
In its application on 5 April 2024, FC Copenhagen requested permission to process sensitive information pursuant to Section 7(4) of the Danish Data Protection Act. The application included processing of biometric data for the purpose of uniquely identifying a person using automatic facial recognition when holding any event at Parken and for FC Copenhagen’s away matches at stadiums other than Parken Stadium.
The Danish Data Protection Agency approves facial recognition for FC Copenhagen matches
The Danish Data Protection Authority has – after reviewing the case in the Data Council – granted permission for FC Copenhagen to use automatic facial recognition at the club’s matches in order to support the enforcement of the rules on club quarantines and general quarantines in connection with football matches.
The technology can therefore be used for access control at the entrances to Parken Stadium, at the stadium and at mobile facilities in connection with the holding of FC Copenhagen football matches, including training matches, with the participation of teams from the Super League, 1st and 2nd divisions, as well as at football matches under UEFA auspices.
Impact assessment requirements
The permit states, among other things, that the processing must comply with the rules on the preparation of an impact assessment – including in particular the requirements for the content of an impact assessment. The impact assessment must be carried out before the processing begins.
Furthermore, for the record, the Danish Data Protection Agency has pointed out that the use of images from surveillance cameras may be covered by Section 4c, subsections 4 and 5 of the Television Surveillance Act.
The permit does not include international football matches.
The Danish Data Protection Authority is currently processing the part of the application that concerns the use of facial recognition in connection with international football matches . The Danish Data Protection Authority has asked FC Copenhagen a few supplementary questions about this and expects to make a decision on this part of the application soon.
For other events that are not football matches, the Danish Data Protection Authority has decided that the processing of biometric data – and thus the use of facial recognition technology – cannot, in the opinion of the Authority, be considered necessary for reasons of essential public interest.