GDPR / ICO Complaint Filed Against Dahua

By IPVM Team, Published Jun 27, 2019, 09:57am EDT

IPVM Image

IPVM has filed a GDPR complaint against Dahua UK's facial recognition conducted at their booth during this year's IFSEC show.

In this post, we explain the reasoning behind the complaint and the difference between this one and the one we made last year, including:

  • Complaint Cause
  • Conference vs Exhibitors
  • Most Egregious
  • Previous Dahua GDPR Claims
  • Reasoning

Overall, we hope our case adds clarity on how facial recognition can be used under GDPR.

**************

** ***** ****, *****'* booth (***** ** ******* on **** **) ******** live ****** *********** ***** filmed ****** *** ******** their *****, ********** *** results ** * ** screen:

IPVM Image

***** ********* ****** *********** on **** ******** ****, attempting ** ***** **** or ********* **** ** a '********' ** *** excerpt ***** *****:

IPVM Image

*******, ***** *** *** obtain *** ******* ** people ********, *** *** it **** *** ************* for *** ********** **** IPVM ********. ********, **** saw ** ***** **** Dahua ********** ********** ********** was ****** ***** ******.

****, ** *** *******, is * ***** ********* of *** ****, ************ * ************* ********** ****** *** a *** **********.********* *** **** ********* that * ***** ** a ******** ********** ***** conceivably ***. *** **** states ********** ********** ** permissible **:

*** **** ******* ***given ******** ******* to the processing of those personal data for one or more specified purposes

*********, ** **** ***** a ********* ******* ***** for ********* *** **** to *** **'* **** protection ****** -*** *********** ************'* ******(***) - *** ************* ********* ****.

IFSEC ********** ** **********

** ****,**** ***** * **** complaint******* *****'* ********** (***) after ** ******** ***** and ***** ******* ****** recognition ***** ******* ***** consent **** *********.

*** *********** *** *********** *** ***** **** IFSEC ********** **** *** responsible *** *** ******' demos. ******, ** *** the ********* ***** *** demos ********** **** **** liable. **** ** *** this ****, ** ***** the ********* ******* ***** UK, *** *****.

Dahua **** *********

**** ***** **** ***** facial *********** **** *** the **** ********* ** violation ** *** ****. Other ****** *********** ********* at ***** *** ** disclosures ** ******* *** people's *****. ********, ***** video ************ ************* **** Axis, *********, *** ****** (Hisilicon) *** *** ******* live ****** *********** ** all.

Dahua **** '*********'

***** *** **** ******* GDPR ****** ******, ************ when **** **** *************** *** ** ******* had **** "*********" ** GDPR ********* ** *** Rheinland, * ******* ****** company:

IPVM Image

** ** *********, ** ******** *** be **** ********* *** the **** ****** ****** that ************* ******* ** not ****** **************** ** any ***. ************, ***** firms **** ****** ******* GDPR ************** ** ****, including******************.

*********

******* ********** ********** ***** strictly ********* ** *** GDPR, *** ** *** no ***** ****** *********** law ** *********** - something *** **'* ************ camera ************,**** ******,*** ****** ***.********, ***** **** ** just **** * **** old, ***** *** ***, if ***, *********** ***** showing *** ****** *********** should ** **** ** practice.

*** *** ** **** complaint ** *** *** UK ********** ** ******* when *** ***** ****** recognition ** ***********, *** how ** ***** **** an ************ ***** ** without ******'* ******* ** a ***** ****** ******** case.

**********

** **** ****** **** post ** *** **** makes *** *** ******* the ******. **** ****, the ********* **** ****** to ***** * ********** so ** **** ****** as *** **** ********.

Comments (26)

** ***** *********** ** the (****) ****** **** security ***** ***** *** going ** **** **** click-wrap ********** **** *** register **** **** "* give ** ******* ** be ****** *** ************* analyzed".

Agree: 5
Disagree
Informative
Unhelpful
Funny

** *****, ** *** UK, *** *** ***** that ** *** *** responsibility ** **** ********** exhibitor, ****** **** *** show ******. ** *** ****** **** GDPR ********* ******* *****, Decides **** ********* *********** ****'* ******** ***** *** show (******* **'* ***** or *** **** ** whoever ** *** *** 'data *********' ** *** facial *********** ******* **** exhibitors ***, ** ** the ********** **********).

Agree
Disagree
Informative: 6
Unhelpful
Funny

** *****, ** *** UK, *** *** ***** that ** *** *** responsibility ** **** ********** exhibitor, ****** **** *** show ******.

**********, ****** * ***** think **** * "*******" the ***** ***** ***** exhibitors ** ** ********* the ********** ******** *** gathering ***** *******.

** ***** ** ******** difficult, ** *** **********, for *** ********* ** handle **** ** ***** own ** **** **** to *********** ****** ********* openly ** ***** *****. You ***'* ******** *** booth *** *********** ******* without ****** ** ******** and ******** ** *** cameras ** **** *****.

*******, *** ** ********* even **** ***** *** potential ********** ****** **** could *** ****, ** the **** ********* **** not ******* * "***-*****" notification?

*** ****** *****, * think *** **** ***** to ****** **** * way ** ******* ****** consent, ** *** (*** patrol/enforce) ********** **** ********** anything **** ******** ****.

Agree: 1
Disagree
Informative
Unhelpful
Funny

**** **** **** ********, no ****** ****** ** be ***** **** ****** like * ******* *********, subscription *********

Agree: 1
Disagree: 10
Informative
Unhelpful: 1
Funny: 6

* ******** **** *** on ****. * ***** it ** **** *********** to *** ************-******* **** cases ****** *** ******** this ***. ** **** already **** **** ****** of ************* ** *** ICO ** ****** "*********" claims, **** **** ****** up ** ********. 

* ***** *** ******* kick-back ** ****'* ***** complaint *** **** *********** and *******.***** *** **** early *********** **** *** governing ****** ***** **** down ******* **** ** anyone ********* ****. ** have *** ****, ** least ** *** ********, evidence ** *** ********.

*******, *****, *** ******, have ** **** ** this ***** **** **** is * "*****", *** they ***** *********** ** violating **** **** **-***** demos. ** ** *** like **** ****** **** into ******* * ****-*** test ** *********, ** filed **** ** *********** guesses.

Agree: 7
Disagree: 1
Informative: 5
Unhelpful
Funny

** ** *** **** IPVM ****** **** **** running * ****-*** **** on *********, ** ***** this ** *********** *******.

******, *** ********, ***** and ********** **** ** were ************* **** *** that ** *** ***** last ****. *** **** IFSEC ****** * **** this **** ********* / warning **** ********** ***** be ****** *** ******* to ** ****** ***********:

***, *******, *** ** that, ***** ***** *** facial *********** *** ***** made ** ******* ** get *******.

Agree
Disagree
Informative: 4
Unhelpful
Funny

*’* ***** **** *** in **** ** *** proviso **** *** ******* in *** **** ** a ************ ******** ***********.  If **** **** **** was ** * ******** mall *’* ** **** you, *** ** * security ***** **** *** a ******!

Agree: 3
Disagree
Informative
Unhelpful
Funny: 1

** * ******** ***** show *** * ******!

** ** ******** **** security ***** ***** *** not ******* ** ********** processing *****, **** ***** be *********** ** ***. ***'* see **** *** *** says. **** ** *** point ** ****** ** that *** *** *** give **** ******** ***** how ***** ***** *** applied ** ********.

Agree
Disagree
Informative: 1
Unhelpful
Funny

* ** ********** ** question *** ***** ** paying *** ************ **** to ****. ******* **** this *** *** ******** to ** ** * member.  

Agree: 2
Disagree: 3
Informative: 2
Unhelpful
Funny

**** **** **** ****** - ** ***** *******, we ** *********, ** develop ******** (*.*., *** Calculator), ***. ** ****** one ***** *** *** of **. **'* **** a ******, *** **** is *** ** ****** everyone ***** ********** ********, it ** ** ****** we ******* ****** ******* value ** ******* *** cost ** ********** *** what ***** ****** *** will **** ** *** member.

#*, ** ***** *** specific ****** ** *** not ***** **** ***** provide ***** ** ***, please *** ** **** here.

Agree: 1
Disagree
Informative
Unhelpful
Funny

************* ********:

** ** * ********* even ** **** ********** doesn’t ****?

Agree: 1
Disagree
Informative
Unhelpful
Funny: 19

***** ***** ** *** cover ********* ********** **** as ****** ***********, * Dahua ** ******* *** pointed *** ** ******** that ***** *** **** a ***** **** ****** inside ***** *****, ** the ****** ***** ****:

*** *** **** ** to *** ***** ****:

***********, ** **** *** even ******* *** ****** recognition **** ***, **** 'facial ******'.

Agree
Disagree
Informative
Unhelpful
Funny

*********** ***** ** *** Galaxy

Agree: 2
Disagree
Informative: 1
Unhelpful
Funny: 6

**** ****. ***** ******** companies **** ** ** held *********** ** *******. Too **** **** *** being ****** ** ***** multinational ******* ********* **** virtually ** ************. ** a ** ******* **** to ***** *** *********** Chinese *** **** ***** certainly ** **** *********** there.

Agree: 2
Disagree
Informative
Unhelpful
Funny: 3

** * ** ******* went ** ***** *** disregarded ******* *** **** would ********* ** **** accountable *****.

** ********* ******** ******* a ******.

Agree
Disagree
Informative
Unhelpful
Funny

****** ** ***** ****** were ********** ********* ****, including ****** ***********.

***** *** ****** **** Dahua *** **** ******* out ** **** **** staff **** (******** ** have ****) ***** ** leave *** ***** ** that (********) ********* **** out ** ********** ** prevent **** ***** **** going ** ***** ***** or ******* ** *****?

*** **** *** **** this **** *** **** poorly ********...

Agree
Disagree: 1
Informative
Unhelpful
Funny

**** (********) ********* **** out ** ********** ** prevent **** ***** **** going ** ***** ***** or ******* ** *****

#*, ****? *********, ***** do *** *** ***** 'rumors' ****? *****, **'* completely *****. ******, ********* talked ** ** ** their *****. *****, ** actually********* **** ** *** IFSEC ******:

********* *** *** **** knowledgeable ** *** ******* companies **** ***** **** about *** **** ******

** * ****** *** diligence ****** ******** *** obviously ***** ******, **** enough #*?

Agree: 1
Disagree
Informative
Unhelpful
Funny

* **** ** **** if *** ******** * made **** **** ** they **** *** **** rumours...  **’* * ******, clearly ****** ** **** - *** ***’* ** due *** ** *******.  

***** ** **** ** not *** **** ** course ** **’* **** for *** ** *** to ******** **** ** there’d ** ****** ** read ;) 

** *** ***** *** your *****/*********** ** ***** the *****?

Agree
Disagree
Informative
Unhelpful: 1
Funny

*** ***’* ** *** dil ** *******.

** ******, *** ***. I ****** **** ** my ****** *** **** school *********, *********, ** industry ******* **** ******** can.

*** ***** '*****' ***: Hikvision *** ** ********** against **** *** ***** 2019. **** *** *** do ** *****? ****** IPVM *** *** ***** 2019 ********, ****** *******, no? ** **** ** right ** *** ****** of *** ***** ****** relevant ** **** '*****' that ** *** ***** with ****.

** *** ***** *** your *****/*********** ** ***** the *****?

*****, **'* ***** ***** **** ******, ** *****:

** *** ** ****** realizing ** **** **** IPVM. **** ** *** identified *********, ** **** a ***** ******* *** shouted **** ** ******'* speak ** **.

**, ** **** *** asked ** ***** *** stand *** ***** **** clear **** **** **** running **** ****** *********** including ****** ** *** aisle *** **** **** were *** ********** ******* for ********** **** ****** recognition.

* ** ***** ** answer *** ********* ****** if *** **** ** be ********* ** ** industry *******, *** ****** be **** ** ***** a ****** ****** ** fact ***** ** ** the ******* *****.

Agree
Disagree
Informative
Unhelpful
Funny

*** ***’* ** *** dil ** *******.

“** ******, *** ***.”

*** **** ****’** *** rumors ******* ;)

Agree
Disagree
Informative
Unhelpful
Funny

****, **'* **** *** to ***** *** ******** and **** ****** ******** by ****** '*****'

Agree
Disagree
Informative
Unhelpful
Funny: 2

** - * *** one **** ** ********** to *** ***** **** goes, *'* ******** ***** the ************ ** ********, but *** ******** ** otherwise ** ****** *********** needs ** ** ****** in *** ** ** line **** ****.

*** **** ** ** role ** **** ******* of ************ ********* ***** application *** ************. ** allows *** ***'* ** inform ******* ** *** situation **** *** ******** of ****** *********** ******. We **** ******* ** if *** ****** ******** it, *** ** *** always ** * ******** to ****** **** ***** it ****** ***** *********** so **** *** ****** an ******** ******.

Agree: 4
Disagree
Informative: 2
Unhelpful
Funny

*** ******** ** ********* of ****** *********** ***** to ** ****** ** the ** ** **** with ****.

* ********** *****... ** have ** ***** ********** upon ***** ** **** design, ************** ** ******.

**** ****** *** **** looking ** ** ** depth... *** ** *** also ***** **** *** enforcement ***** ** ** a ****** **********, ***** implemented ***.

** ** *******, *** GDPR *** ******* *** significantly ******* ** *** respect ** ** ******* in **********.

** * *******, ** need ** **** **** in * ****** ** real **** *********, ** create **** ********, *************, guidelines. * ******* **** should ****** ******* ** a ***** ********* ** we **** *** *********** of * **** ****** precedent, ***** ***** ** less ****** ** ***.

**’** **** **** *** legal ********* ** ******* consent *** ******* **** systems, ***** ***** **** that *** ******* ******** without ******* ** ** admissible! **** ***** ** be ********* ******* ******** on ** ****** ** probably *** ** *** best ********* ** ********** or *** *****.

Agree
Disagree
Informative
Unhelpful
Funny

*** **** ****** ****** DAHUA *** *********, **** is *** *******?

Agree
Disagree
Informative
Unhelpful
Funny: 1

*** **** ****** ****** DAHUA *** *********, **** is *** *******?

****** ******.

Agree
Disagree
Informative
Unhelpful
Funny: 1

******: *** *** ***** us ** ***** *****, which ** *** ** July **, ****. ***** finally *********, ****** * months *****, ******** *** usage ** ******* ** justification, ****** *****:

*** ***** ** *** ICO ***:

**do *** ****** *****'* ******** ** *** basis ****:

*. ***** *** ****'* Article *, ******* *** not * ***** ***** for ********** ** ******* categories ** ******** **** like **********, *******'* ********* ********** ******* do *** *****.
*.********* *** **** *** "captured ********, *** *** the ******* ** *********** a ********** ******* ******". However, ** ** ********* in *** ******** *********: "importantly, * **** ** face *** ******** ** a ******** ** ******* as ************** ******* ** * 'stranger' *** *** *** do ** *** ****** who **** ****** ** the ******". *** ******** Data ********** ***** *** explicitly ****** **** ******* people's ***** *** ********* them ** * ******** via ****** *********** ****** as ********** ********** ***** Article * ** *** "purpose ** ** ******** identify ******* *******".*******,*** **** **** **** counts ** ********** ********** regardless ** ******* *** person ****** *** ******** in *** ******** ** not. ****** ***** ** the**** ***** ************ **********, ******* **, **** 17.

** **** ****** **** report **** ** **** material ******** **** *** ICO.

Agree
Disagree
Informative
Unhelpful
Funny
Read this IPVM report for free.

This article is part of IPVM's 6,898 reports, 921 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports