With regard to children, Open Rights Group notes that collecting biometric data from children over 16 without consent could violate child protection standards: “According to the guidance of the Information Commissioner’s Office (ICO) on processing sensitive personal data under the UK GDPR, biometric data is categorised as special category data and requires explicit consent. The guidance stresses that when dealing with minors’ data, additional safeguards must be implemented to protect their rights. Therefore, collecting biometric data from children over 16 without proper consent could breach child protection standards, as it fails to meet the stringent consent requirements and the enhanced safeguards necessary for processing such sensitive information.”