ETD-HUB

13: How are Non-Drivers Affected?

Asked: 4 months, 4 weeks ago By: Catalink Views: 126 Catalink Case Study: IRIS

If the IRIS application is deployed in public service vehicles (like taxis or buses), are there distinct ethical and legal issues that arise - given that there is a possibility that some passengers (non-drivers of the company) may be detected/captured by the IRIS application for some period of time without providing explicit consent to the legal agreements?

18 Answers

Answered: 3 months, 1 week ago By: Chiamakaokorie
-
Answered: 3 months, 1 week ago By: Tundefasina
Full anonymization removes GDPR obligations but may limit model improvement. Pseudonymization is usually sufficient if combined with strong access controls and a right-to-erasure mechanism, allowing users to delete their data. Retaining identifiable data after profile deletion would raise legal risks.
Answered: 3 months, 1 week ago By: Zainabodogwu2
Full anonymization → safest, fewer legal limits • Pseudonymization → allowed if “right to be forgotten” and strong securi
Deleuze replied: The key legal point is that passengers cannot be treated as having agreed to IRIS merely because the driver, operator, or vehicle owner accepted the legal terms. If passengers’ faces, bodies, voices, or behavioural signals are captured, they may become data subjects in their own right. The operator therefore needs a lawful basis for processing their personal data under GDPR Article 6, separate from any agreement with the driver. Consent is not the only possible lawful basis, but if the company relies on consent it must be genuine, informed, freely given, and specific; passive entry into a bus or taxi is unlikely to be enough on its own. The strongest compliance position would be that IRIS is designed so that it does not capture or process passenger data at all, or does so only in a fleeting and technically unavoidable way. For example, the camera should be physically angled and technically configured to focus only on the driver; passenger faces should be excluded from the field of view, blurred, cropped, or discarded immediately; and all processing should preferably occur locally in the vehicle without recording or transmission. This reflects GDPR’s data protection by design and by default requirement, which requires controllers to implement appropriate technical and organisational measures so that only necessary personal data is processed.
Answered: 3 months, 1 week ago By: Oliverharrow
Should be deleted once 5 years has passed
Answered: 3 months, 1 week ago By: Ngozioshoba
Only data necessary for fatigue detection should be collected and stored for limited periods. Users must understand why their data is processed. Regular checks ensure the data is not reused beyond its purpose.
Answered: 3 months, 1 week ago By: Efeadelaja
Pseudo-anonymization with deletion on request is generally sufficient under GDPR, but full anonymization reduces legal risk; retaining data after deletion could still have legal implications.
Answered: 3 months, 1 week ago By: Meilincai
The data must be saved up to 10 years according to the EU AI charter for various reasons including the database
Answered: 3 months, 1 week ago By: Kelechinwosu
If you fully anonymize data, it is no longer considered "personal data," and GDPR no longer applies. You could legally retain this data for 5 years (or indefinitely) even after a profile is deleted.
Deleuze replied: If IRIS is deployed across a fleet of buses, taxis, or public transport vehicles, a Data Protection Impact Assessment would very likely be required. The use of cameras, AI analysis, possible biometric or health-related inferences, and systematic monitoring in vehicles accessible to the public creates a high-risk processing scenario. GDPR Article 35 specifically identifies systematic monitoring of publicly accessible areas on a large scale as a case where a DPIA is required. The status of the data must also be assessed carefully. A passenger’s face captured by a camera is personal data if the passenger is identifiable. It is not automatically special-category biometric data merely because it is a facial image; GDPR Recital 51 says photographs should not systematically be treated as special-category data unless processed through specific technical means allowing unique identification or authentication. However, if IRIS performs face recognition, passenger identification, biometric categorisation, or emotional/physiological inference on passengers, the legal risk becomes much higher.
Answered: 3 months, 1 week ago By: Zainabodogwu32
From both a legal and ethical standpoint, full anonymization is preferable but not always technically feasible for biometric datasets. Full anonymization removes all identifiable links to individuals and places data outside GDPR’s scope. This allows longer retention (e.g. 5 years) but is extremely difficult to achieve with facial or physiological data without destroying its utility. Pseudonymization retains identifiers separately and allows compliance with GDPR rights, including the right to erasure (“right to be forgotten”). In practice, pseudonymization combined with strict access controls, encryption, and deletion mechanisms is generally considered sufficient and more realistic, provided users can request deletion and data is not retained longer than necessary. Ethically, respecting user control and deletion rights is critical to maintaining trust, even if anonymization would offer fewer legal constraints.
Answered: 3 months, 1 week ago By: Miles_Hatcher
Full anonymisation is not strictly required though it provides protection
Answered: 3 months, 1 week ago By: Aminaolorun
It is not required but it provides protection
Answered: 3 months, 1 week ago By: Clarawhitby
Shii idk
Answered: 3 months, 1 week ago By: Ifeanyiakare
Pseudo-anonymization with a functional “right to be forgotten” is generally sufficient if personal identifiers can be deleted on request. Full anonymization is stricter, allows longer retention without legal risk, but may limit personalized model improvements. Key: Must prevent re-identification and comply with GDPR retention limits.
Answered: 3 months, 1 week ago By: Kunleekwueme
I believe full anonymisation would allow use without legal implication, provided thr users agreed to the data collection.
Answered: 3 months, 1 week ago By: Sadeogunlana
Let full anonymization be required
Answered: 3 months, 1 week ago By: Tomashbrook
I suppose psuedo-anonymisation can be used.

Your Answer

Login to add your answer!

We’d love to hear your thoughts — share a meaningful answer by logging in.