The Agencia espanola de proteccion de datos (AEPD) has published an assessment on the use of biometric data from a privacy perspective. The DPA underlines that biometric data operations will have a different degree of intrusiveness and impact on the privacy of individuals depending on the technique used and other factors, therefore the impact assessment of biometric operations must be carried out within the framework of a processing operation and in relation to its ultimate purposes. In the framework of a processing operation, any of the different biometric techniques involved have to be assessed according to their adequacy, proportionality and necessity, their purpose, their impact on the rights and freedoms of natural persons and the risks they entail, both for the individual and for society. The assessment provides a non-exhaustive list of some of the criteria that may be useful in typifying biometric operations in the context of a processing operation. Find the assessment here.