Computer Vision and GDPR: like oil and water or a perfect match?

Alice Giannini interviewed on computer vision & privacy

Alice, what brought you to this niche field of GDPR and advanced software?

I am passionate about creating a bridge between my academic background in law and practical applications in the field of new technologies. Whilst I have been researching on criminal behaviour and accountability of Artificial Intelligence systems, I have been working alongside start-ups deploying advanced software, to assist them in their compliance with GDPR. Innovation is essential for progress and I believe the law has a key role to play in making innovation possible in a way that respects people’s rights and societies expectations.

What do you think has been the main impact of GDPR for businesses?

One of the main pillars of the not-so-new General Data Protection Regulation is the concept of accountability. Companies need to have a proactive approach in complying with principles of privacy and data protection: it’s not about formal requirements anymore, it’s a matter of being able to prove that privacy has been on your mind since the very beginning of a processing activity.

What is your take on computer vision and the right to privacy?

Computer vision is an exceptional tool which could prove vital; especially when it comes to situations like ensuring the safety of workers, as in the case of Buddywise. The development of new technologies shouldn’t be seen as a threat to the right to privacy and businesses in this field should ask themselves how they can foster trust into their products. I strongly believe that privacy and safety shouldn’t be mutually exclusive: what is imperative is to strike a meaningful balance between them — and to be able to prove it!

How does computer vision compare to regular camera systems, from a data protection perspective?

When it comes to GDPR-related obligations, computer vision is no exception. Photographs and videos are categorised as personal data, since they can be linked to identifiable individuals. However, one of the strengths of computer vision is the ability of the algorithm to extract relevant information from a very large dataset, without storing the irrelevant data. Standard video surveillance requires the storage of images from thousands of hours of footage. Large amounts of irrelevant data storage would actually be avoided through computer vision — hence ensuring data minimisation! With computer vision the focus shifts from the footage to the intelligence and to the automated decision which is drawn from it.

In articles on data protection you often read about data-protection-by-design, what does that mean?

Applying a data-protection-by-design approach to computer vision means, for example, avoiding models affected by inherent bias. One way to do so is to ensure the transparency and the explainability of the models used.

Any famous last words of advice for a business that is considering adopting a computer vision system like Buddywise?

On a final note, I’d like to stress a significant compliance tool which is represented by data protection impact assessments (DPIAs). It is crucial for companies to prove — in writing — that they have asked themselves the right questions when it comes to how their activities could have an impact on individuals’ rights before the processing starts.

Thank you for sharing with us Alice!

If you want to hear more about how we work with data protection at Buddywise, or just share your critical questions, please contact us at and let’s talk!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Buddywise is a start-up hell bent on saving lives and preventing injuries with computer vision!