School ID checks lead to GDPR fine – A watchdog has penalised a local authority for trialling facial recognition on high-school students in Sweden to keep track of attendance.
The Swedish Data Protection Authority (DPA) fined the Skelleftea municipality 200,000 Swedish Krona (£16,800, $20,700) for flouting a privacy law.
The trial involved tracking 22 students over three weeks and detecting when each pupil entered a classroom.
This is the first time that Sweden has ever issued a fine under GDPR.
The General Data Protection Regulation, which came into force last year, classes facial images and other biometric information as being a special category of data, with added restrictions on its use.
The DPA indicated that the fine would have been bigger had the trial been longer.
According to technology magazine ComputerSweden, Swedish authorities decided to investigate after reading media reports of Anderstorp’s High School’s trial.
The local authority told Swedish state broadcaster SVT Nyheter in February that teachers had been spending 17,000 hours a year reporting attendance, and the authority had decided to see whether facial-recognition technology could speed up the process.
The trial, which took place in autumn 2018, had been so successful that the local authority was considering extending it.
Jorgen Malm, who oversees Anderstorp's High School and Naturbruk's High School for the municipality, told SVT that the technology was "fairly safe".
Posted by Acumé
©2019 Copyright: acumeforensic.com