GDPR & Regulation: The TouchByte Approach
Buckle in, team. It’s a long one this time.
Facial recognition is frequently pigeonholed as a sensitive subject, particularly surrounding GDPR regulations and privacy.
A common misconception is that it lacks any form of regulation. Because of this misconception, we at TouchByte feel it is essential to explain how we regulate our facial recognition solutions, and why we feel it is vital that we do so.
Firstly, it’s important that users understand the regulation behind Live Facial Recognition (LFR), and how this differs slightly to CCTV. While it may seem like a huge leap between the two, the principles behind the analytics are very similar.
They’re implemented in similar ways; the difference being the sophistication behind the technology, allowing facial recognition to provide that extra level of analysis, safety, and protection.
While it may seem an unnecessary measure to some, it should in fact have the perception of being a vital safety tool, and an aid towards providing a frictionless, safety-conscious society.
Because TouchByte focusses on providing solutions to “people in places”; sectors mainly including retail, hospitality, and travel, our background and the legalities behind the usage of our technology isn’t quite the same of that of a police force or the government.
We aim to provide sophisticated, tailored solutions to a multitude of environments within the sectors that we represent, and each specific sector often comes with its own set of rules attached.
The Information Commission Office has released a blog post on the difficulties of monitoring and regulating LFR, to ensure that it is deployed in a safe, and responsible manner.
They created a checklist of requirements that they deem fundamental within the deployment of facial recognition. Some of these requirements include:
“Carry out a data protection impact assessment and update this for each deployment.”
This is advised because of the sensitive nature of the processing involved in LFR, the volume of people affected depending on where the technology is being implemented, and the impact that this can then have on the individual.
We at TouchByte designed our solutions with GDPR in mind, meaning that all of our software is GDPR compliant and legal.
“Produce a bespoke ‘appropriate policy document’ to cover the deployments – it should set out why, where, when, and how the technology is being used.”
In response to this, TouchByte has a variety of different solutions for a number of different scenarios. Dependent on how our technology is deployed, this then influences our “bespoke appropriate policy document”.
For example, the nature of our solution Facentry, requires the consumer to create their own database of faces. For example, guests who sign up to use FR when they book their stay at a hotel using TouchByte technology. This style of solution works in a slightly different way to AgeCheck, meaning that we create a selection of bespoke, tailored policy documents to explain how our technology works, to adapt to each of our solutions and clients.
“Ensure the algorithms within the software do not treat the race or sex of individuals unfairly.”
For those of you who have kept up to date with our myths and misconceptions articles on LinkedIn, you’ll have an understanding of how algorithms work, and how to better them through extensive testing.
But for those of you who aren’t so sure, TouchByte ensures that its software is tested on a variety of faces, to ensure that it isn’t biased to one specific gender or ethnicity. How software handles analysing variations within ethnicity really just boils down to what the software is used to.
For example, if software has been developed and tested predominantly within Asia, the software will have a better understanding of how to analyse Asian faces. The way to combat this, is to simply test your software extensively, on a larger range of ethnicities, ages and genders.
TouchByte ensures that we remain up to date with current policy and regulation surrounding the use of Live Facial Recognition. Our main aim is to show how FR isn’t a dystopian nightmare; it’s actually a very useful tool for ensuring safer environments, and a more personalised service for your valued customers.
Want to find out more? Got any questions? Get in touch today. www.touchbyte.co.uk
