London's King's Cross facial recognition cams under regulator lens
The UK Information Commissioner's Office (ICO) is looking into the facial-recognition system installed by real estate developer Argent LLP in London’s King's Cross area, media reports heated up the debate on illegal snooping.
The ICO has announced that it will inspect how the system placed in the area is operated in order to make sure that no data protection laws were being violated.
The Financial Times reported first about the use of live face-scanning system across the 67-acre site around King's Cross station in London.
"Scanning people’s faces as they lawfully go about their daily lives, in order to identify them, is a potential threat to privacy that should concern us all. That is especially the case if it is done without people’s knowledge or understanding," said information commissioner Elizabeth Denham in an announcement.
"I remain deeply concerned about the growing use of facial recognition technology in public spaces, not only by law enforcement agencies but also increasingly by the private sector. My office and the judiciary are both independently considering the legal issues and whether the current framework has kept pace with emerging technologies and people’s expectations about how their most sensitive personal data is used," she added.
London mayor Sadiq Khan wrote to the developer enquiring about its use of facial-recognition systems, the BBC reported.
"King’s Cross station’s use of facial recognition technology highlights the potential threat to personal privacy that today’s advanced technologies can bring. This technology is being used to track tens of thousands of people in one of the busiest stations in London. Ultimately, it raises the question – how much surveillance is too much?" asked David Emm, principal security researcher at Kaspersky
The real estate developer has not disclosed the scope and term of the system or the use of the data collected. Media enquiries from the FT, the BBC, and the Register received a staple reply from the company PR.
"These cameras use a number of detection and tracking methods, including facial recognition, but also have sophisticated systems in place to protect the privacy of the general public," it said.
"Facial recognition and video surveillance are covered by a complex web of regulations which isn’t easy to navigate," said Tamara Quinn, partner at law firm Osborne Clarke.
"Under the GDPR, use of biometrics, such as facial recognition systems, is covered by stricter safeguard than ordinary personal data. For many companies, this means that they may need to get consent from every person scanned and prove that these individuals were fully informed and have given consent freely, without pressure or being penalised for not participating," she added.
"It is completely understandable that the general public will want to know why they are being monitored, and for what purposes," said Jason Sierra, sales director for Seven Technologies Group. "However, with facial recognition technology, they are not being monitored in the traditional sense. They are being detected and analysed but then ignored as a threat."
"This is a huge potential threat to people’s personal freedom, and it’s evident that no one has given consent to the capture of their personal features in this way. Kings Cross may insist that the collection of such data is being done purely for "public safety" and to give its customers the ‘best possible experience’, but it's unclear what benefit is offered by collecting such granular data," noted Emm.
The ICO investigation announcement comes on the heels of the Biostar 2 fiasco. The global biometrics services vendor, of which the London metropolitan police is a customer, had left data -- including data including fingerprints, facial recognition details, face photos of users, unencrypted usernames, passwords and personal details of employees -- unprotected.
Kings Cross also faces a similar issue, said Emm.
"Like all data, it will be of value and therefore desired by cybercriminals. So, if this data falls into the hands of the wrong people, the outcome could be catastrophic. At the end of the day, we can change our passwords, but we can’t change our facial or other physical features, and businesses should be transparent on exactly how this technology could be used before unleashing it on an unsuspecting public."
source scmagazineuk
Industry: Cyber Security
Latest Jobs
-
- Director of Sales Engineering
- Paris
- Up to €110,000 plus bonus and benefits
-
Location: Paris Salary Upto €110,000 plus bonus and benefits Reference: RA 7382 Director of Sales Engineering This rapidly expanding Cloud Service company are looking for an experience Director of Sale Engineering (Pre sales), to help them expand both their customer base and also their sales engineering team, You will be responsible for managing a team spread across Europe, (France, Germany and UK currently 6) Your responsibilities will include : Organising and monitoring your pre-sales team activity in coordination with your management. Building and managing a pan European team. Making sure your team members are on track with company or individual KPIs. Managing your own set of customer/proposal Coordinating closely with Sales – you will work alongside Account Managers, serving as a technical lead for more standard solutions development. Assigning required resources to the Complex Solution team when required by your management. Working closely with the engineering and product teams to provide customer and market feedback Participating in the planning and execution of various partners facing activities. The role may include actively driving presentations creation or delivery, and general networking activities. As well as previous experience in leading a sales engineering/ presales team you will require both Telecommunications (MPLS, Ethernet,) and Cloud platforms (Azure, Aws, Oracle etc) knowledge.
-
- Product Manager - Access Controls
- London
- £50,000 - £90,000
-
An Identity and Access Controls vendor are currently looking to bring on board an exceptional Product Manager with recent exposure around Access Controls and Identity Management. The particular portfolio this person would be responsible for is their Events and transportation Access controls solutions. Managing and overseeing Configuration and implementations of these solutions. The Product Manager would need previous experience within a similar product suite, particularly around Access Controls/ Identity & Access Management delivery programmes. Project size will vary from £200,000 to larger multi-million pounds, so someone with experience managing these sizes of projects is key. This will be a client facing position, so someone with strong customer engagement skills, and the willingness to travel will be essential. If you have any project management certifications, for example Prince2 Practitioner, This will be hugely advantageous. Due to some of the Engineering team being based in Italy, Someone with strong Italian speaking and listening skills will be a front runner, but this is not an essential skill. Unfortunately sponsorship can't be provided to non-eu candidates TC7774 Salary: £50,000 - £90,000 Location: London with travel Cyber Security Jobs | Information Security Jobs | Access Controls Jobs | IDAM Jobs | IAM Jobs | Identity And Access Management Jobs
-
- CyberArk Specialist
- London
- Up to £90,000
-
We are currently working with an International Outsourcing business who are looking for a CyberArk Specialist to assist with a large scale Identity and Access Management rollout across large Financial institutions. This business is at the forefront of the financial services market, working alongside some of the largest banks globally, so this will be a great chance to be a key figure in large digital transformation projects. The CyberArk Specialist responsibilities for this role will to be the lead in the Configuration and Design of a Large Privileged Access Management rollout of the CyberArk suite. Solutions Design Client Engagement Liaison between the business and Technical teams If you have strong hands on CyberArk exposure and are looking to move into more of a Business led programme, this is a great opportunity to make that transition. The CyberArk Specialist will be mostly spent on client site, which is based in London. So the right individual will be commutable into Central London. Candidates must be based in the UK. Sponsorship can't be provided to non-eu applicants Salary: £Up to 90,000 Location: London REF: TC7773 CyberArk Jobs | Information Security Jobs | Cyber Security Jobs | IDAM Jobs | IAM Joba | Identity and Access Management Jobs
-
- Internal Cyber Security Consultant - Technology and Information Security
- Reading
- Up to £60,000
-
CH7770 Internal Cyber Security Consultant - Technology and Information security Reading £60,000 Internal Cyber Security Consultant needed in Reading. If you have a blend of hands on experience between security technology solutions and information security and want to be the go to person within an organisation to drive, shape and maintain the security landscape then apply today. MUST be commutable to Reading The Internal Cyber Security Consultant role requires a blend of hands security technology and information security experience- advisory / implementing. Specifically Technology - Support, maintaining, configuring, analysing logs of internal Security technology. As well as identifying new technologies to implement into the business. Information Security - Ensuring policies are relevant to the internal security technology, ensuring ISMS is up to date, aiding in new policy definition. Security user awareness - training. Internal Cyber Security Consultants role will be diverse covering the breadth of the Security landscape. All details kept in the strictest of confidence. Chris.Holt@dclsearch.com 07884666351