July 24, 2024 at 04:39AM
The UK’s Information Commissioner’s Office (ICO) reprimanded Chelmer Valley High School for breaking data protection laws by introducing facial recognition technology for canteen payments without proper assessments and permission. The school failed to consult the data protection officer, parents, and students, and relied on assumed consent. ICO provided recommendations for the future. This incident follows a previous warning to other schools using facial recognition technology.
Meeting Notes Summary:
The UK’s Information Commissioner’s Office (ICO) reprimanded Chelmer Valley High School in Essex for implementing facial recognition technology (FRT) without following necessary data protection protocols.
The school failed to conduct a required Data Protection Impact Assessment (DPIA) for FRT use, did not adequately assess risks to student information, and did not obtain explicit permission from parents and students. The ICO emphasized the importance of proper data protection compliance in deploying new technologies, especially when it involves children.
The school’s attempt at consent with parents was deemed inadequate as it relied on “assumed consent” rather than seeking explicit “opt-in” consent. The ICO provided recommendations for the school’s future actions.
This incident is part of a broader trend in UK schools using FRT for meal payments, prompting concerns about the lack of proper training and capacity in procuring technology that upholds the law and children’s rights.
Activists are pushing for more stringent enforcement and disclosure of the manufacturers and origins of FRT technology in school settings.