Facial recognition software and Taylor Swift

December 13, 2018

Rolling Stone reported that Taylor Swift secretly used facial recognition on her fans attending the May 18th Rose Bowl show of her 2018 Reputation Tour (see Rolling Stone link).  Allegedly, a kiosk displaying rehearsal clips contained a camera was taking photos of the fans.  The photos were then sent to a Tennessee site where they were cross-referenced with a database of Ms. Swift's known stalkers. 


If this occurred in Europe, would this use of facial recognition be lawful under the GDPR?  It depends.  First, was there a privacy notice, and how was it presented and what did it say? Second, what was the lawful basis for the processing?  I assume the basis would be an asserted legitimate interest of Ms. Swift.  Was the legitimate interest properly evaluated?  Third, where did they send the data?  If they sent it out of the EU, did they have the proper documentation in place to send it.


Image is from Marcin Wichary and published under the CC BY-SA 2.0 license.


Please reload

Featured Posts

Timely marketing

March 16, 2020

Please reload

Recent Posts
Please reload