Skip to content

Facial Detection and Smart Billboards: Analysing the ‘Identified’ Criterion of Personal Data in the GDPR

Peter Alexander Earls Davis


Keywords: Facial, Detection, Recognition, GDPR

This paper analyses the applicability of the EU GDPR to smart billboards, which are digital signs that allow their operators to target advertisements or gather analytics data based on the appearance of passers-by. Smart billboards leverage facial detection technology which, unlike facial recognition, swiftly deletes or anonymises (personal) data, making the application of data protection rules problematic. An analysis of relevant decisions, opinions and commentary is conducted, concluding that approaches taken so far to the question of GDPR do not adequately address the novel technical characteristics of smart billboards. By proposing a novel interpretation of the term ‘identified’ in GDPR Article 4(1), the paper claims that smart billboards do in fact process personal data under the GDPR.
Keywords: Facial, Detection, Recognition, GDPR

Doctoral Research Fellow, Norwegian Research Center for Computers and Law, Department of Private Law, University of Oslo. Work on this chapter has been conducted under the aegis of the project ‘Security in Internet Governance and Networks: Analyzing the Law’ (SIGNAL), funded by the Norwegian Research Council and UNINETT Norid AS. All URL references cited herein were last accessed 14 October 2019. Thanks are due to those who provided helpful input, especially Professor Lee Bygrave. The usual disclaimer applies.


Lx-Number Search

(e.g. A | 000123 | 01)

Export Citation