UK ICO Denies IPVM GDPR Complaint Against IFSEC, Decides Each Exhibitor Responsible

Author: John Honovich, Published on Dec 06, 2018

The UK Information Commissioner's Office (ICO) has denied IPVM's complaint against IFSEC for misuse of facial recognition.

Each Exhibitor Responsible

Importantly, the ICO has determined that, contrary to UBM's claim, each exhibitor is responsible for conforming. In a December 5, 2018 message to IPVM, the ICO explained:

Each Exhibitor could be regarded as an independent and separate data controller of their propriety equipment who would be responsible for ensuring it fulfils its fair processing obligations.

The ICO contrasted this to UBM / IFSEC, saying:

UBM does not actually process or retain any personal data captured by facial recognition technology during the IFSEC convention.

IFSEC Registration Consent Not Applicable

To the contrary, UBM told IPVM at IFSEC 2018 that the data notice on the back of attendees’ badges provided consent for their exhibitor's facial recognition. Read it here and see it below:

Given the decision of the ICO, IFSEC's consent will not cover their exhibitors for data processing such as facial recognition.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Challenge For Exhibitors

This creates a challenge for exhibitors as, according to the GDPR, which went into effect in May 2018 and to which the UK is party to, biometrics processing like facial recognition is considered a "special category of personal data" and is generally prohibited with important exceptions.

One of those exceptions is informed consent with specified purposes. Article 9, section 2(a) of the GDPR states that biometrics are allowed if:

the data subject has given explicit consent to the processing of those personal data for one or more specified purposes [emphasis addded]

Article 7 also states consent notices must be written:

in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language [emphasis added]

No Consent At 2018 IFSEC Show

No consent was requested by any IFSEC 2018 exhibitor using facial recognition that we visited.

Going Forward

The ICO decision here will help clarify the responsibilities that exhibitors and vendors have when they use facial recognition but raises questions of how exhibitors will actually conform with GDPR when using facial recognition.

1 report cite this report:

GDPR / ICO Complaint Filed Against IFSEC Show Facial Recognition on Jun 20, 2018
IPVM has filed a complaint against IFSEC’s parent company UBM based on our concern that the conference violates core GDPR principles on...
Comments (1) : PRO Members only. Login. or Join.

Related Reports on Legal

Sublethal Camera Gun Examined on Dec 06, 2018
Sublethal is a South African company that manufactures a remotely-controlled, camera-enabled gun called the Boomslang, which is Afrikaans for tree...
ADT Wins Fire Death Suit But Faces Appeal on Dec 05, 2018
ADT/Protection 1 has won a wrongful death court case in which it was sued by the estate of a deceased customer. However, the attorney for the...
French Government Threatens School with $1.7M Fine For “Excessive Video Surveillance” on Nov 14, 2018
The French government has notified a high-profile Paris coding academy that it risks a fine of up to 1.5 million euros (about $1.7m) if it...
Former Manufacturer Axcess Sues Avigilon, Genetec, Others for Patent Infringement on Oct 24, 2018
Axcess International, Inc. has sued Avigilon, Genetec and ACTi, among others for patent infringement. Who are they and what are their complaints...
Default Passwords Outlawed in California, US To Follow on Oct 09, 2018
UPDATES A new California bill aimed at improving security for connected devices has been signed into law. The law takes aim especially at...
Ascent / MONI Faces Lender Lawsuit and Debt Crisis on Sep 13, 2018
ASCMA, aka Ascent, aka Brinks Home Security, aka MONI, aka Monitronics is being sued by a group of their lenders who allege: As of June 30,...
France Political Scandal Reveals Video Surveillance Problems on Aug 22, 2018
In what French media describes as "the most damaging crisis yet for" French President Macron, a political scandal has revealed major gaps in the...
SimpliSafe Violating California, Florida, and Texas Licensing Laws on Aug 14, 2018
IPVM has verified that DIY security system provider SimpliSafe, founded in 2006 and acquired in June of 2018 at a billion dollar valuation, is...
Nortek Sues SDS, Battle Over Unpaid Bill and Cancelled Lines on Aug 13, 2018
Nortek and SDS legal battle continues. As IPVM reported, SDS sued Nortek alleging bribery and antitrust violation. However, Wave fired back at SDS,...

Most Recent Industry Reports

The 2019 Video Surveillance Industry Guide on Dec 10, 2018
The 300 page, 2019 Video Surveillance Industry Guide, covers the key events and the future of the video surveillance market, is now available,...
Multi-Factor Access Control Authentication Guide on Dec 10, 2018
Can a stranger use your credentials? One of the oldest problems facing access control is making credentials as easy to use as keys, but restricting...
Top 2019 Trend - AI Video Analytics on Dec 10, 2018
160+ Integrators answered: What do you think the top industry trend will be in 2019? Why? AI / video analytics was the run-away winner with...
AV Tech Company Profile on Dec 07, 2018
Taiwanese manufacturer AV Tech's revenue declined ~70% since 2012. Planning a comeback, AV Tech spoke to IPVM about their opportunities and...
Ubiquiti $79 Flex IP Camera Tested on Dec 07, 2018
U.S. Manufacturer Ubiquiti has released a 1080p, integrated IR IP camera, selling it directly for $79, making this one of the least expensive IP...
Infinova's Xinjiang Business Examined on Dec 07, 2018
As pressure mounts for companies to stop doing business in China’s Xinjiang region amid a severe human rights crisis, IPVM has found Infinova sold...
Akuvox Intercom Profile on Dec 06, 2018
Akuvox, a Chinese manufacturer of VoIP products, is expanding heavily into Video Intercom products with disruptive pricing targeted for commercial...
Sublethal Camera Gun Examined on Dec 06, 2018
Sublethal is a South African company that manufactures a remotely-controlled, camera-enabled gun called the Boomslang, which is Afrikaans for tree...
UK ICO Denies IPVM GDPR Complaint Against IFSEC, Decides Each Exhibitor Responsible on Dec 06, 2018
The UK Information Commissioner's Office (ICO) has denied IPVM's complaint against IFSEC for misuse of facial recognition. Each Exhibitor...
VMS Live Monitoring Shootout - Avigilon, Dahua, Exacq, Genetec, Hikvision, Milestone, Network Optix on Dec 05, 2018
Viewing live video is the first interaction and most common task most users have with a VMS. Who does it best and worst? Who offers the most...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact