Watchdog warning over mooted facial recognition cameras at Children's Hospital

This type of technology maps features from a photograph or video and compares it with a database of known faces in order to confirm the identity of a person.

The children's hospital, set to cost more than €2 billion, is due to open on the site of St James's Hospital in Dublin in 2022.

The ICCL privacy rights expert, Elizabeth Farries, said: “The New Children's Hospital contracting face surveillance technology for children accessing medical care would be incredibly invasive. Children are afforded enhanced personal data protections under the law. Deploying this tech in this manner would run afoul of those protections. It’s expensive, inaccurate, discriminatory, and in this situation, likely unlawful."

She said Hikvision had been embroiled in scandals regarding its human rights record, including use of their cameras in China’s re-education camps.

Ms Farries said: "To protect everyone’s rights, including children’s, the state should not install these face surveillance systems in hospitals in the first instance, and certainly not in cooperation with private surveillance companies with controversial rights track records. A data protection impact assessment would demonstrate the risks.”

Graham Doyle, head of communications at the Data Protection Commission, said: “We would advise data controllers that are considering implementing CCTV systems, particularly those with facial recognition functionality, that such systems need to be justified as necessary and proportionate.

“We would also advise that conducting a Data Protection Impact Assessment is likely to be mandatory in these cases, given that the processing would possibly involve new technologies, children’s data, and special category data as defined in Article 9 of the GDPR as well as large scale processing in a publicly accessible area.

In a statement, the National Paediatric Hospital Development Board said Stanley Security Systems had been successful in a competitive procurement process for the installation of the security systems.

It said the process sought to ensure the equipment would be “fully future-proofed” and added: "Less than 3% of the cameras procured have the potential for high definition facial recognition capabilities. These cameras have many capabilities, and can also be used in the same way as the remaining 97% of the cameras, which do not have facial recognition capabilities.

“It has not yet been decided which aspect of the security systems’ capabilities will be used. This decision will be taken nearer the opening of the hospital by Children’s Health Ireland and will be fully in line with Irish and European data protection and privacy legislation and guidelines, to ensure that the occupants of the hospital have the appropriate protections and security afforded to them, in line with their privacy rights.”