SEiNG Cloud CCTV

Understanding Facial Recognition and Identification with Cloud CCTV

Facial recognition is increasingly used across businesses - especially in the retail space as a security measure against shrinkage. But what is facial recognition, and how is it different to facial identification? What are the legal considerations? And how could SEiNG be configured to support the use of such technologies?

What's the difference between facial recognition and facial identification in CCTV?

It's easy to mix up facial recognition and facial identification, but they work in very different ways.

Facial Recognition: “Have I seen this face before?”

Think of facial recognition as your system spotting a face in the crowd.

  • It can tell if there’s a face present.
  • It can compare it to faces it’s seen before, without knowing who that person is.

Shops like B&M, Morrisons Daily, Southern Co-op, and now Sainsbury's, use recognition systems to flag people who resemble profiles of past troublemakers - without attaching names or personal data.

At this stage, the system isn’t identifying an individual; it’s just recognising a pattern.

Facial Identification: “Who is this person?”

This goes a step further.

  • The system compares a face to a database where each entry is tied to personal details (like name, DOB, access rights).
  • The aim is to pin down a specific identity.
  • Because this involves personal and sensitive data, the legal and privacy stakes are much higher.

In short, facial recognition spots patterns, while facial identification links those patterns to specific individuals, making the privacy and legal considerations much greater.

How facial recognition can benefit UK businesses

We've already mentioned how several major UK retailers are using facial recognition already in-store. So it's no surprise that these technologies offer real advantages when used responsibly:

  1. Enhanced Security – Systems can detect faces that match certain patterns, helping businesses spot unusual or potentially problematic behaviour quickly.
  2. Operational Awareness – Recognising recurring patterns, such as frequent visitors or crowd flow, allows businesses to monitor activity more efficiently.
  3. Proactive Risk Management – By flagging patterns associated with previous incidents, businesses can respond faster to potential threats, reducing loss or disruption.

These benefits enable you to monitor and respond to patterns effectively, improving security and operational insight. But to ensure you use the information responsibly, it's essential that you follow UK data protection guidance.

How is facial recognition different to identification?

What is the UK law around facial recognition technology?

Facial recognition technology is powerful, but it’s also tightly regulated. In the UK, the rules are clear, and understanding them is key if you want to use these systems responsibly.

UK GDPR & Data Protection Act 2018

Under UK GDPR and Data Protection, facial images and biometric data fall under special category data, meaning they require extra care. Using this data for identification purposes isn’t just a technical decision—it needs a lawful basis, usually either explicit consent from individuals or a substantial public interest under conditions outlined in the Data Protection Act 2018.

Following GDPR principles also helps businesses avoid unnecessary risk and build trust. These principles include:

  • Data minimisation: Collect only what you need.
  • Accuracy: Keep data accurate and up to date.
  • Storage limitation: Don’t retain data longer than necessary.
  • Security: Protect it with strong technical and organisational measures.
  • Transparency: Be clear with individuals about how their data is collected and used.

In practice, this means that any system using facial identification to match a person to a record must have a clear legal basis, handle the data securely, and follow GDPR principles at every step to protect individuals’ privacy.

Protection of Freedoms Act 2012

This Act specifically addresses surveillance cameras, including how and where they can be used. Businesses need to follow a code of practice, ensuring that camera use is proportionate, transparent, and justified. For example, it’s not enough to simply install cameras; operators must also think about signage, monitoring practices, and how long footage is retained.

ICO Guidance

The Information Commissioner’s Office (ICO) provides detailed guidance on biometric data and facial recognition. Their advice stresses that these technologies carry high risks to individuals’ rights and freedoms. They highlight the need for:

Necessity: Only collect data that is genuinely needed.

Proportionality: Make sure the system’s impact on privacy is justified by its purpose.

Robust safeguards: Protect the data with strong security measures and clear internal policies.

For facial identification systems, this means businesses must ensure that any use of biometric data is strictly necessary, proportionate, and protected with robust safeguards to minimise risks to individuals’ privacy and comply with ICO guidance.

By following these rules, organisations can harness the benefits of facial recognition technology while protecting individuals’ rights and building trust.

SEiNG records faces and could be configured for facial recognition

Cloud CCTV with facial recognition

SEiNG is a cloud-first Video Management System (VMS) with features including real-time remote access, AI-powered analytics, and secure UK-based cloud storage as a fully managed service. It does all this with your existing security cameras.

Whilst SEiNG records faces and can detect people, it currently does not recognise faces. However, if your use case calls for it - and you have a clear legal basis - it can be configured to use recognition in a controlled way.

For example, you might want alerts for individuals on a pre-approved watchlist. That’s possible, but it must be handled with strict data protection measures to minimise intrusion.

What to Consider Before Using Facial Recognition with SEiNG

If you’re thinking about enabling facial recognition with your Cloud VMS, here are the key steps:

  • Be clear about why you need it.
  • Confirm your lawful basis for processing biometric data (consent is often required).
  • Carry out a Data Protection Impact Assessment (DPIA).
  • Register your business with the ICO.
  • Put robust security in place for all biometric data.
  • Be transparent - make sure people know recognition is in use (e.g. signage).
  • Stick to data minimisation and storage limitation principles.

By following these steps, you can balance the benefits of facial recognition with the responsibility to protect privacy and stay compliant with UK law.

Balancing Security and Privacy

Facial recognition and identification are not the same—and the law treats them very differently. SEiNG gives you flexibility, but also the framework to use recognition responsibly. The key is balancing operational needs with privacy, compliance, and trust.

Get in touch today to discuss your facial recognition requirements. In the meantime, why not see how SEiNG works in our 5-minute demo video.

Note: This article is for information only and does not constitute legal advice.

To top