Police forces use of facial recognition software determined lawful – R (Bridges) v Chief Constable of South Wales Police [2019] EWHC 2341 (Admin)

“The algorithms of the law must keep pace with new and emerging technologies.”- at p[1]

The Facts

The Administrative Court, with Haddon-Cave LJ and Swift J sitting, has heard the first case on the lawfulness of the police using automated facial recognition software (“AFR”). The case concerned the South Wales Police (“SWP”) use of AFR in two instances where they allegedly recorded the image of the Claimant. Once on 21 December 2017 at Queen Street Cardiff and another at the Defence Procurement, Research, Technology and Exportability Exhibition (“the Defence Exhibition”) on 27 March 2018.

Continue reading

5 ways to promote data privacy

Opt-ins and diversify basis’ for processing data

User consent underpins data protection rights as a lawful basis for processing. The consent-based mechanism is just one lawful basis for processing but the most debated. This is primarily around the slow abolition of opt-out consent as a legitimate mechanism for obtaining consent. Continue reading

Voice command data and privacy protection, Part II- Apple’s Siri

Apple recently released a statement on its development of automated assistant Siri’s privacy protections. The result is a move towards doing everything right in safeguarding consumer privacy. When compared to Amazon’s protections for its Alexa service market shifts and best practice become clear, making for better adherence to the seven data protection principles underpinning the GDPR.
Continue reading

Voice command data and privacy protection, Part I- Amazon Echo’s Alexa

AI pictureThe increasing encroachment of audio-activated devices into our personal lives presents unique privacy challenges. Recent events have prompted the review of how audio-activated devices collect, store, transmit and use data, prompting concern and highlighting a number of long term lessons to be learned.
Continue reading

Citation: The access of mobile phones by the police – Owen Bowcott, The Guardian

The Guardian has posted on Privacy International’s recent challenge to mobile phone interception by the police force.

The issue centers around the extraction of data from mobile phones by the force. Software is used to download the files stored on the accessed mobile devices. NGO Privacy International is challenging the invasiveness and proportionality of the practice in harvesting personal data in the course of investigations.

red smartphone on white surface

The outcome of the case will have significant repercussions for mobile data privacy and mobile developments. Mobile privacy has been a hot topic issue since the US Apple vs. FBI encryption case in relation to the investigation of the San Bernadino Shootings in 2016. We will have coverage of the case once judgment is handed down.

Look out for the new incoming ePrivacy Regulation and its GDPR integration

The European Data Protection Board issued a statement on 13 March 2019 urging the European Authorities to implement the new ePrivacy Regulation (the “Regulation”).

The Regulation itself sits alongside the existing GDPR framework and focuses on email marketing and cookies consent.

Debate has been generated around the extent to which the Regulation and the GDPR practically sit alongside each other to ensure that the, now onerous, data protection regime does not duplicate obligations. The Panopticon Blog has an excellent post covering this issue from Robin Hopkins. Continue reading