A Sweden school was found improperly using facial recognition to monitor students' attendance

The Swedish data protection agency has issued the country's first GDPR fine of 200,000 Swedish Krona (approximately $21,000) against a school found to be improperly using facial recognition technology to monitor the attendance of its students.


Although it was only a test, it violated "several articles in the GDPR" as the school had processed biometric data unlawfully and did not do an adequate risk assessment, which would include consulting the Swedish data protection agency.


The school said that the process had been consensual, but the Swedish watchdog argued that a consensual agreement could not have a valid legal basis because of the imbalance of power between the data subject and the controller.



CALL US

Tel: +603-9171 1562 

Fax: +603-9173 7600

HOURS

Mon - Fri: 9am to 6pm

MEMBER OF SYSTECH BHD
OUR SERVICES

Copyright © 2019 SysArmy Sdn Bhd (1122083-K)