85E—Confidentiality of biometric data
(1) A person must not
use or disclose biometric data derived from a
biometric identification procedure relating to a visitor to a prison except as
is reasonably required for the purposes of carrying out the biometric
identification procedure.
Maximum penalty: $10 000 or imprisonment for 2 years.
(2) A person must not
use or disclose biometric data derived from a
biometric identification procedure relating to a prisoner except as is
reasonably required—
(a) for
the purposes of carrying out the biometric identification procedure; or
(b) in
connection with the control and management of a correctional institution; or
(c) for
any other purpose contemplated by this Act.
Maximum penalty: $10 000 or imprisonment for 2 years.
(3) In this
section—
"biometric data" means fingerprint data, iris scan data, or any other
prescribed data or data of a prescribed kind that describes physical
characteristics of a person or part of a person that may be used to identify
the person;
"biometric identification procedure" means a procedure in which biometric data
relating to a person is obtained by means of photograph or scan and compared
with other biometric data for the purposes of identifying the person.