Facial recognition is increasingly used across businesses - especially in the retail space as a security measure against shrinkage. But what is facial recognition, and how is it different to facial identification? What are the legal considerations? And how could SEiNG be configured to support the use of such technologies?
It's easy to mix up facial recognition and facial identification, but they work in very different ways.
Think of facial recognition as your system spotting a face in the crowd.
Shops like B&M, Morrisons Daily, Southern Co-op, and now Sainsbury's, use recognition systems to flag people who resemble profiles of past troublemakers - without attaching names or personal data.
At this stage, the system isn’t identifying an individual; it’s just recognising a pattern.
This goes a step further.
In short, facial recognition spots patterns, while facial identification links those patterns to specific individuals, making the privacy and legal considerations much greater.
We've already mentioned how several major UK retailers are using facial recognition already in-store. So it's no surprise that these technologies offer real advantages when used responsibly:
These benefits enable you to monitor and respond to patterns effectively, improving security and operational insight. But to ensure you use the information responsibly, it's essential that you follow UK data protection guidance.
Facial recognition technology is powerful, but it’s also tightly regulated. In the UK, the rules are clear, and understanding them is key if you want to use these systems responsibly.
Under UK GDPR and Data Protection, facial images and biometric data fall under special category data, meaning they require extra care. Using this data for identification purposes isn’t just a technical decision—it needs a lawful basis, usually either explicit consent from individuals or a substantial public interest under conditions outlined in the Data Protection Act 2018.
Following GDPR principles also helps businesses avoid unnecessary risk and build trust. These principles include:
In practice, this means that any system using facial identification to match a person to a record must have a clear legal basis, handle the data securely, and follow GDPR principles at every step to protect individuals’ privacy.
This Act specifically addresses surveillance cameras, including how and where they can be used. Businesses need to follow a code of practice, ensuring that camera use is proportionate, transparent, and justified. For example, it’s not enough to simply install cameras; operators must also think about signage, monitoring practices, and how long footage is retained.
The Information Commissioner’s Office (ICO) provides detailed guidance on biometric data and facial recognition. Their advice stresses that these technologies carry high risks to individuals’ rights and freedoms. They highlight the need for:
Necessity: Only collect data that is genuinely needed.
Proportionality: Make sure the system’s impact on privacy is justified by its purpose.
Robust safeguards: Protect the data with strong security measures and clear internal policies.
For facial identification systems, this means businesses must ensure that any use of biometric data is strictly necessary, proportionate, and protected with robust safeguards to minimise risks to individuals’ privacy and comply with ICO guidance.
By following these rules, organisations can harness the benefits of facial recognition technology while protecting individuals’ rights and building trust.
SEiNG is a cloud-first Video Management System (VMS) with features including real-time remote access, AI-powered analytics, and secure UK-based cloud storage as a fully managed service. It does all this with your existing security cameras.
Whilst SEiNG records faces and can detect people, it currently does not recognise faces. However, if your use case calls for it - and you have a clear legal basis - it can be configured to use recognition in a controlled way.
For example, you might want alerts for individuals on a pre-approved watchlist. That’s possible, but it must be handled with strict data protection measures to minimise intrusion.
If you’re thinking about enabling facial recognition with your Cloud VMS, here are the key steps:
By following these steps, you can balance the benefits of facial recognition with the responsibility to protect privacy and stay compliant with UK law.
Facial recognition and identification are not the same—and the law treats them very differently. SEiNG gives you flexibility, but also the framework to use recognition responsibly. The key is balancing operational needs with privacy, compliance, and trust.
Get in touch today to discuss your facial recognition requirements. In the meantime, why not see how SEiNG works in our 5-minute demo video.
Note: This article is for information only and does not constitute legal advice.