Facewatch facial recognition declared compliant with UK data protection law
The Information Commissioner’s Office (ICO) says facial recognition vendor Facewatch complies with UK Data Protection laws, allowing retailers to continue subscribing to its service.
Facewatch is the controversial real-time facial recognition system that scans faces as people enter a store and flags if a “subject of interest” has entered.
The ICO have noted that facial recognition can balance personal privacy rights provided its use achieves a legitimate purpose. In this case, Facewatch has demonstrated that its service serves the legitimate interests of detecting and preventing crime.
The ICO also stated that Facewatch improved its product and will continue improving if required. According to the government, these improvements were sufficient to conclude that no further regulatory action is needed.
The finding follows certification to the UK’s Surveillance Camera Code of Practice by Biometrics Commissioner Fraser Sampson, affirming that Facewatch meets the requirements for performing live facial recognition.
Facewatch Chairman Nick Fisher said: “The ICO judgment and biometrics commissioner award underlines our commitment to best practice, both to prevent crime and protect staff and customers.”
Facewatch is the only facial recognition provider so far recognized as compliant with UK GDPR and the Surveillance Camera Code of Practice.
This may, indeed, be a one-off. Harvard Law School professor Kristina Libby Rowe has discussed the challenges of regulating facial recognition.
Increased regulation could benefit consumers, said Rowe, but wide agreement on a unified approach could be difficult.
Then there is the question about the status of biometric data. She said it is not globally treated as an individual’s property. Rowe has argued that the government should view biometric privacy as a national security concern and equate it to trade secrecy.
Rowe has also commented on the Biden administration’s proposed forced sale of TikTok, cautioning that without national data privacy laws, merely transferring the platform’s subscriber information to a United States firm would still be insufficient protection for consumers.
Article Topics
biometrics | criminal ID | data protection | Facewatch | facial recognition | Information Commissioner’s Office (ICO) | retail biometrics | UK GDPR
Comments