The facial recognition system built by NEC and used by South Wales Police has been shown to have an abysmal hit ratio, following the release of figures by the service.
First noticed by Wired, the 2017 UEFA Champions League Final in Cardiff produced 173 "True Positive Alerts", and 2,297 false positives, representing a successful positive for 7 percent of identifications.
The service said in a statement that it uses a watchlist of half a million custody images, and its use has been a "resounding success".
South Wales Police said the high number of false positives at the Cardiff final was due to poor quality images supplied by UEFA, Interpol, and other agencies; an old NEC algorithm; and it being the first major deployment.
"Since we introduced the facial recognition technology no individual has been arrested where a false positive alert has led to an intervention and no members of the public have complained," the police force said.
The facial recognition is completed on live footage streamed from fixed cameras, or from cameras on top of police vans.
"Throughout the trial South Wales Police has been very cognisant of concerns about privacy and we have built in checks and balances into our methodology to make sure our approach is justified and balanced. We have had detailed discussions and consultation with all interested regulatory partners," South Wales Police said.
"These discussions ensure that we are considering the wider needs in relation to the Data Protection Act and the General Data Protection Regulation (GPDR) in order to that we see to it that the deployment of this technology is proportionate whilst recognising the need to balance security and privacy."
"We don't notice it, we don't see millions of people in one shot ... but how many times have people walked down the street following somebody that they thought was somebody they knew, only to find it isn't that person?" NEC Europe head of Global Face Recognition Solutions Chris de Silva told ZDNet in October.
"You're going to find false alarms, and you are going to get answers, but they are not going to be always correct, and the more of that you get, the less likely people are going to be happy about using the system."
According to de Silva, while it is technically possible to load an entire country's population into a watchlist, the information out of the system would not be useful.
"One of the things that you cannot realistically do is put a population into a database, and do real-time surveillance," he said.
De Silva said NEC finds it is best to limit the list of persons of interest to the tens of thousands.
"We tend to keep real-time databases low -- I think the biggest one that exists in a project is 250,000 people in a database, and that's a bit big, we don't really like it that big, but we allowed that one to happen," he explained. "Normally, you are in the tens of thousands, or less.
"So all of that James Bond stuff -- unfortunately, it is not quite true -- nearly true, but not quite true."
In Australia, a trial at Canberra Airport allowing passengers to walk through the terminal from their flight without producing a passport has a 90 percent success rate, according to Minister for Home Affairs Peter Dutton.
"For the numbers of people coming through our airports, I want them to walk seamlessly down -- off the A380 -- and, in time, and we're not far off this, with facial recognition on the move, people's passports will stay in their pocket," Dutton said.
"They will walk from the plane directly out to the curbside and depart the airport."
The Department of Home Affairs is also putting together a system to match photos against identities of citizens stored in various federal and state agencies data stores.
Despite purchasing a facial recognition algorithm from a vendor to be used for the Face Identification Service, the department told the Parliamentary Joint Committee on Intelligence and Security on Friday that it will not be disclosing who the vendor is, saying doing so would pose a threat to assumed identities.