Big Brother Watch: complaint against private sector facial recognition
Big Brother Watch is a non-profit organisation based in the UK. They run campaigns and produce investigative reports designed to inform the public and lawmakers on the risks of surveillance technology deployment by private companies and the state.
In 2021, Big Brother Watch (BBW) had been investigating the production and deployment of live facial recognition (LFR) technologies by a company called Facewatch. Facewatch provides LFR technology to many businesses across the UK, including to the Co-op supermarket chain. The LFR installed in Co-op’s stores automatically scan the face of every visitor without their knowledge. Staff have the power to use this technology to place visitors on a watchlist at their discretion. The criteria for adding people to these lists are vague, and these lists can be used by other Facewatch clients — not just the Co-op.
BBW asked AWO’s litigation team to examine the use of LFR systems by Facewatch, and determine whether their use case complies with the GDPR.
The litigation team’s analysis of the use of this technology has revealed a range of possible breaches of the GDPR by Facewatch’s system. The team sent a complaint to the Information Commissioner’s Office on behalf of Silkie Carlo, Director of BBW, explaining that (among other issues):
- Facewatch have been relying on a ‘substantial public interest’ in their processing of biometric data, but have provided little evidence to support this.
- The amount of information they provide to individuals who are put on watchlists is insufficient to be in line with the GDPR’s fairness principle and transparency standards.
- The processes behind the creation of the watchlists is improperly safeguarded, and have accuracy issues, which could lead to unfair bias and serious detrimental outcomes for individuals