UK ICO Denies IPVM GDPR Complaint Against IFSEC, Decides Each Exhibitor Responsible

By: John Honovich, Published on Dec 06, 2018

The UK Information Commissioner's Office (ICO) has denied IPVM's complaint against IFSEC for misuse of facial recognition.

Each Exhibitor Responsible

Importantly, the ICO has determined that, contrary to UBM's claim, each exhibitor is responsible for conforming. In a December 5, 2018 message to IPVM, the ICO explained:

Each Exhibitor could be regarded as an independent and separate data controller of their propriety equipment who would be responsible for ensuring it fulfils its fair processing obligations.

The ICO contrasted this to UBM / IFSEC, saying:

UBM does not actually process or retain any personal data captured by facial recognition technology during the IFSEC convention.

IFSEC Registration Consent Not Applicable

To the contrary, UBM told IPVM at IFSEC 2018 that the data notice on the back of attendees’ badges provided consent for their exhibitor's facial recognition. Read it here and see it below:

Given the decision of the ICO, IFSEC's consent will not cover their exhibitors for data processing such as facial recognition.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

Challenge For Exhibitors

This creates a challenge for exhibitors as, according to the GDPR, which went into effect in May 2018 and to which the UK is party to, biometrics processing like facial recognition is considered a "special category of personal data" and is generally prohibited with important exceptions.

One of those exceptions is informed consent with specified purposes. Article 9, section 2(a) of the GDPR states that biometrics are allowed if:

the data subject has given explicit consent to the processing of those personal data for one or more specified purposes [emphasis addded]

Article 7 also states consent notices must be written:

in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language [emphasis added]

No Consent At 2018 IFSEC Show

No consent was requested by any IFSEC 2018 exhibitor using facial recognition that we visited.

Going Forward

The ICO decision here will help clarify the responsibilities that exhibitors and vendors have when they use facial recognition but raises questions of how exhibitors will actually conform with GDPR when using facial recognition.

2 reports cite this report:

GDPR / ICO Complaint Filed Against Dahua on Jun 27, 2019
IPVM has filed a GDPR complaint against Dahua UK's facial recognition...
GDPR / ICO Complaint Filed Against IFSEC Show Facial Recognition on Jun 20, 2018
IPVM has filed a complaint against IFSEC’s parent company UBM based on our...
Comments (3) : Members only. Login. or Join.

Related Reports

UK ICO Approves Unconsented Facial Recognition At Security Conferences on Feb 05, 2020
The UK's data protection agency has declined IPVM's GDPR complaint against...
"ONVIF Has Chosen Not To Enforce Their Copyright." on Mar 11, 2020
ONVIF has taken a bold and highly unconventional approach, telling IPVM,...
UK Firm Markets False Fever Screening, Hikvision Disavows on Jun 30, 2020
A UK security firm falsely claimed its Hikvision-based thermal solution could...
Hikvision Admits Minority Recognition, Now Claims Canceled on Jul 23, 2020
For the first time, Hikvision has directly addressed its minority recognition...
IPVM Rejects Feevr's Improper Threats And Demands on May 04, 2020
IPVM categorically rejects Feevr's improper threats and demands submitted...
Avigilon Face Mask Detection Tested on Jun 24, 2020
Face mask detection or, more specifically not wearing a face mask, is an...
FDA Gives Guidance on 'Coronavirus' Thermal Fever Detection Systems on Mar 30, 2020
The US FDA has given IPVM guidance on the use of thermal fever detection...
Hikvision Illicitly Uses Back To The Future In Marketing on Jul 03, 2020
NBCUniversal told IPVM that Hikvision UK's ongoing coronavirus marketing...
Hikvision CEO And Vice-Chair Receive Warning, Government Investigation Concluded on Mar 16, 2020
The China Securities Regulatory Commission (CSRC) has concluded their...
Uniview Heat-Tracker Temperature Screening Series Examined on Apr 22, 2020
Uniview is marketing #UNVagainstCOVID19 with their Heat-Tracker series,...
ZKTeco SpeedFace+ Are Medical Devices, Per FDA Definition, Contrary Claims Are False on Jun 12, 2020
ZKTeco SpeedFace+ series products are medical devices as defined by the US...
"He Is An Idiot!" Exclaims SIA Director John Mack on Mar 23, 2020
Here is another inside look into the "leaders" of the security industry. SIA...
New: Mobile Access Proxy Releases 'World's Smallest Mobile Reader' on Mar 04, 2020
Mobile access provider Proxy claims its new Nano is 'the world’s smallest...
FLIR Suspends Agreement With Feevr on May 07, 2020
Thermal manufacturer FLIR has suspended its agreement with Feevr (aka...
Clinton Public View Monitor (PVM) Mask Detection Tested on Jul 09, 2020
Face mask detection, or more specifically not wearing one, is expanding...

Recent Reports

Video Analytics Online Show September 2020 Opened - Axis, Avigilon, Bosch, BriefCam, Genetec, Milestone + 30 More on Aug 12, 2020
IPVM's sixth online show will feature 35+ Video Analytics companies...
The German Company Powering Many China Temperature Tablets (Heimann) on Aug 12, 2020
Many fever tablet suppliers market German-made Heimann thermal sensors while...
Salesforce Drops Dahua and Hikvision on Aug 12, 2020
Salesforce has dropped Dahua and Hikvision as customers, forcing the two mega...
Access Control Course Fall 2020 - Register Now - Save $50 Last Chance on Aug 12, 2020
IPVM offers the most comprehensive access control course in the...
Genetec CEO Declares "We Don't Negotiate Payment With Patent Trolls" on Aug 11, 2020
Are patent trolls like terrorists? Genetec's CEO is coming out strongly...
Hanwha AI Analytics Camera Tested on Aug 11, 2020
Hanwha has released their Wisenet P AI camera, adding person and vehicle...
Alabama Schools Million Dollar Hikvision Fever Camera Deal on Aug 11, 2020
The Baldwin County, Alabama public schools purchased a $1 million, 144-camera...
Dahua Taunts Australian Government, Continues To Sell Illegal Fever Cameras on Aug 10, 2020
Dahua is effectively taunting the Australian government by continuing to sell...
HID Releases VertX Replacement Aero on Aug 10, 2020
HID is replacing two established and broadly supported types of access...
NDAA Compliant Video Surveillance Whitelist on Aug 10, 2020
This report aggregates video surveillance products that manufacturers have...
Telpo China Temperature Tablets Tested on Aug 10, 2020
The provider for overseas companies ranging from Canon Singapore to US'...
Dangerous Hikvision Fever Camera Showcased by Chilean City on Aug 07, 2020
Deploying a fever camera outdoors, in the rain, with no black body, is...
"Grand Slam" For Pelco's PE Firm, A Risk For Motorola on Aug 07, 2020
The word "Pelco" and "grand slam" have not been said together for many years....
FLIR Stock Falls, Admits 'Decelerating' Demand For Temperature Screening on Aug 07, 2020
Is the boom going to bust for temperature screening? FLIR disappointed...
VSaaS Will Hurt Integrators on Aug 06, 2020
VSaaS will hurt integrators, there is no question about that. How much...