-

Key risks include privacy intrusion, biometric surveillance, and bias or discrimination due to uneven model performance across demographics. Legally, facial images may qualify as biometric data, triggering GDPR Article 9 protections, strict consent requirements, and heightened obligations around security, transparency, and purpose limitation.

Bias & discrimination across demographics • Biometric data → GDPR Article 9 → explicit consent required • Data security, privacy, transparency • Automated decisions → Article 22 implications

Yes deepfakes can be haramful

Using facial images raises privacy and consent concerns because biometric data is sensitive. There is also a risk of misuse or biased performance across different demographic groups. Legally, the system must ensure secure storage, transparency, and clear limits on how images are used.

Privacy risk: Collection, storage, and processing of facial images can violate data protection laws (e.g., GDPR, CCPA) if not handled properly. Consent issues: Users must give informed, explicit consent for biometric data use. Data security:

Biometric data processing risk and transparency and user autonomy

Constant camera monitoring can lead to a "chilling effect" where drivers feel micromanaged, causing stress and reducing job satisfaction. There is also the risk of "function creep"—where data collected for safety is later used to judge performance or determine insurance premiums

Peoples facial images cannot be shared publicly. Drivers must know that their faces are being assessed for drowsiness

The use of facial imagery for drowsiness detection raises significant ethical and legal risks, primarily due to the intrusive nature of facial data and its potential misuse. From an ethical perspective, facial images are deeply personal and closely tied to identity. Continuous monitoring may create feelings of surveillance, loss of autonomy, and reduced trust, particularly if drivers are unclear about how long data is stored or how it may be reused. Bias in facial landmark recognition models further exacerbates ethical concerns, as inaccurate detection for certain racial or physical characteristics may disproportionately affect specific groups, reinforcing inequality. Legally, facial imagery constitutes biometric data when processed to uniquely identify or analyse individuals. This creates heightened obligations under GDPR, including strict conditions for lawful processing, transparency, and security. Any failure to clearly define purpose, limit retention, or protect the data could expose IRIS operators to regulatory enforcement and liability.

Privacy, ethical concerns, false negatives. Inaccuracy

Privacy and consent, misinterpretation of facial data

The application taking user biometric data

Privacy & consent: Facial images are biometric data, requiring explicit GDPR consent. Surveillance concerns: Continuous monitoring may be seen as intrusive. Liability: Misclassification causing accidents may expose providers to legal claims.

Respect of persons. We still have several issues when it comes to facial detection with AI because of dataset most models have been trained with.

Some faces may appear drowsy, implication of illegal emotion detection

Risks like the safety of user data collected and the potential infringement on their privacy.