I’d have to research 4, but I know for a fact taking a photo of someone in public is protected as you have no right to privacy in public, it’s also not the subjects business what I intend to do with it, so things like posting online might be subject to GDPR but if i wanted to build an app like the one in this post then I would do what they did and have it all on device so it technically isn’t uploaded anywhere.
I would need a law showing that matching a face against publicly available datasets of faces is illegal as that seems insane and difficult to police.
Yes, 3 I agree with as it would fall under GDPR as identifiable information.
I know that because I do a lot of street photography and there is no law in the UK forbidding photography of people in public spaces, it’s quite easy for you to Google this but I can’t provide you with a law condoning it as that’s not how it works.
Again show me in GDPR where it expressly forbids marching a face to a public dataset.
I know that because I do a lot of street photography and there is no law in the UK forbidding photography of people in public spaces,
I didn’t write there was one. It sounds like you “know” that photography is “protected” because you need that to be true.
it’s quite easy for you to Google this
Indeed. For anyone who’s not good at googling things, I recommend the UK ICO.
but I can’t provide you with a law condoning it as that’s not how it works.
That’s true. You can’t because you are wrong. You should know that your take on the GDPR is nonsense. It sounds like you violate it on a habitual basis.
Again show me in GDPR where it expressly forbids marching a face to a public dataset.
What do you mean “again”?
The GDPR forbids this in, of course, Article 6 and, more particularly, Article 9, but also gives exceptions.
You seem to want to me prove that a law doesn’t exist where it’s much easier for you to show me a law doesn’t exist.
You can read this House of Commons debate on the topic Here
Police officers have the discretion to ask people not to take photographs for public safety or security reasons, but the taking of photographs in a public place is not subject to any rule or statute. There are no legal restrictions on photography in a public place, and there is no presumption of privacy for individuals in a public place
Or you can read This debate from the House of Lords.
The taking of photographs in a public place is not subject to any rules or statute. There are no legal restrictions on photography in a public place … and the Home Secretary … expressed our desire to ensure that people are free and able to take photographs in public places
Seems pretty simple really. Although I will concede that processing or personal identifiable information, even if done ok device, would likely be a breach of GDPR.
As for your assertion that I habitually break GDPR, yeah sure in this hypothetical scenario, but thankfully as a software engineer we have a team that handles this for us.
I have provided the requested Articles in the GDPR. “Presumption of privacy” is not a concept in the GDPR. The GDPR is not a privacy law. It is concerned with data protection.
Debates in either Chamber of UK parliament are not a source of law. Especially not when they took place a decade before the GDPR came into force.
You seem to be misunderstanding my hypothetical application and my street photography.
To make it abundantly clear, as per the discussions in the House of Commons / Lords, that taking photos of people in public is not limited by any law, stature, or rule.
So I am free to take whoever’s photo I choose and in fact that extends to publishing those photos online as the person in the photo isn’t easily identifiable, like you can’t get their name from it, they don’t have a right to stop publication simply because their face is shown providing the image isn’t defamatory, misleading, or used for commercial purposes.
UK GDPR may apply if:
The subject is clearly identifiable, not incidental, and
the photo is used in a context that processes or organises personal data (eg tagging, profiling, categorising people)
Key point
Artistic and journalistic expression are except from most GDPR rules, under Article 85, if the images are published as part of legitimate artistic or documentary work.
So:
A candid street photography posted to a gallery as art or commentary is generally exempt from GDPR
A facial recognition project or tagging system using those images then GDPR applies fully.
So do you want to refute these claims when you’ve read Article 85 or concede, as conceded to your other points.
Also, your tone leaves something to be desired.
Edit: Furthermore, they are not a source of law they’re a source of an absence of law as was evidenced by those debates and Article 85 as I articulated above.
So I am free to take whoever’s photo I choose and in fact that extends to publishing those photos online
That is unambiguously wrong. Please refer to Article 4 (1) for a definition of personal data.
Also, your tone leaves something to be desired.
You are quite welcome to look this up on the UK ICO’s website. It is funded by British tax money to provide information to people such as you. I am providing you free tutoring on my own time and you don’t seem to value that favor.
Article 85
Please refer to the article in question. You will find that it provides no exceptions. It contains instructions for national governments,
Dude it literally states that they shall provides exceptions to former chapters as shown here
This is the exact text. I don’t know why you insist on pushing back. If you want to consult a solicitor to confirm then have at it, but it can’t be more clear than it is allowed under artistic or expression and that member states must provide exceptions to the chapters listed which includes the one you cited. Man alive!!!
1. Member States shall by law reconcile the right to the protection of personal data pursuant to this Regulation with the right to freedom of expression and information, including processing for journalistic purposes and the purposes of academic, artistic or literary expression.
2. For processing carried out for journalistic purposes or the purpose of academic artistic or literary expression, Member States shall provide for exemptions or derogations from Chapter II (principles), Chapter III (rights of the data subject), Chapter IV (controller and processor), Chapter V (transfer of personal data to third countries or international organisations), Chapter VI (independent supervisory authorities), Chapter VII (cooperation and consistency) and Chapter IX (specific data processing situations) if they are necessary to reconcile the right to the protection of personal data with the freedom of expression and information.
3. Each Member State shall notify to the Commission the provisions of its law which it has adopted pursuant to paragraph 2 and, without delay, any subsequent amendment law or amendment affecting them.
I’d have to research 4, but I know for a fact taking a photo of someone in public is protected as you have no right to privacy in public, it’s also not the subjects business what I intend to do with it, so things like posting online might be subject to GDPR but if i wanted to build an app like the one in this post then I would do what they did and have it all on device so it technically isn’t uploaded anywhere.
I would need a law showing that matching a face against publicly available datasets of faces is illegal as that seems insane and difficult to police.
Yes, 3 I agree with as it would fall under GDPR as identifiable information.
Do you remember why you “know” this? Just curious.
Surely you have noticed that there is a lot of criticism of the GDPR and EU tech regulation.
I know that because I do a lot of street photography and there is no law in the UK forbidding photography of people in public spaces, it’s quite easy for you to Google this but I can’t provide you with a law condoning it as that’s not how it works.
Again show me in GDPR where it expressly forbids marching a face to a public dataset.
I didn’t write there was one. It sounds like you “know” that photography is “protected” because you need that to be true.
Indeed. For anyone who’s not good at googling things, I recommend the UK ICO.
That’s true. You can’t because you are wrong. You should know that your take on the GDPR is nonsense. It sounds like you violate it on a habitual basis.
What do you mean “again”?
The GDPR forbids this in, of course, Article 6 and, more particularly, Article 9, but also gives exceptions.
You seem to want to me prove that a law doesn’t exist where it’s much easier for you to show me a law doesn’t exist.
You can read this House of Commons debate on the topic Here
Or you can read This debate from the House of Lords.
Seems pretty simple really. Although I will concede that processing or personal identifiable information, even if done ok device, would likely be a breach of GDPR.
As for your assertion that I habitually break GDPR, yeah sure in this hypothetical scenario, but thankfully as a software engineer we have a team that handles this for us.
I have provided the requested Articles in the GDPR. “Presumption of privacy” is not a concept in the GDPR. The GDPR is not a privacy law. It is concerned with data protection.
Debates in either Chamber of UK parliament are not a source of law. Especially not when they took place a decade before the GDPR came into force.
Do you need any further help?
You seem to be misunderstanding my hypothetical application and my street photography.
To make it abundantly clear, as per the discussions in the House of Commons / Lords, that taking photos of people in public is not limited by any law, stature, or rule.
So I am free to take whoever’s photo I choose and in fact that extends to publishing those photos online as the person in the photo isn’t easily identifiable, like you can’t get their name from it, they don’t have a right to stop publication simply because their face is shown providing the image isn’t defamatory, misleading, or used for commercial purposes.
UK GDPR may apply if:
Key point Artistic and journalistic expression are except from most GDPR rules, under Article 85, if the images are published as part of legitimate artistic or documentary work.
So:
So do you want to refute these claims when you’ve read Article 85 or concede, as conceded to your other points.
Also, your tone leaves something to be desired.
Edit: Furthermore, they are not a source of law they’re a source of an absence of law as was evidenced by those debates and Article 85 as I articulated above.
That is unambiguously wrong. Please refer to Article 4 (1) for a definition of personal data.
You are quite welcome to look this up on the UK ICO’s website. It is funded by British tax money to provide information to people such as you. I am providing you free tutoring on my own time and you don’t seem to value that favor.
Please refer to the article in question. You will find that it provides no exceptions. It contains instructions for national governments,
Dude it literally states that they shall provides exceptions to former chapters as shown here
This is the exact text. I don’t know why you insist on pushing back. If you want to consult a solicitor to confirm then have at it, but it can’t be more clear than it is allowed under artistic or expression and that member states must provide exceptions to the chapters listed which includes the one you cited. Man alive!!!
2. For processing carried out for journalistic purposes or the purpose of academic artistic or literary expression, Member States shall provide for exemptions or derogations from Chapter II (principles), Chapter III (rights of the data subject), Chapter IV (controller and processor), Chapter V (transfer of personal data to third countries or international organisations), Chapter VI (independent supervisory authorities), Chapter VII (cooperation and consistency) and Chapter IX (specific data processing situations) if they are necessary to reconcile the right to the protection of personal data with the freedom of expression and information.
3. Each Member State shall notify to the Commission the provisions of its law which it has adopted pursuant to paragraph 2 and, without delay, any subsequent amendment law or amendment affecting them.
Commercial versions of these systems exist in the UK.
https://www.theguardian.com/uk-news/2025/jun/06/shopper-facewatch-watchlist-39p-paracetamol-london
The Gdpr makes these things harder to do, but not automatically illegal.
Yeah, and some of it is even true.