UK shoppers at retailers including Sainsbury's, B&M and Spar will trigger a live police alert in roughly four seconds when their face matches a watchlist of "the worst offenders." No UK retail facial-recognition system has done that without a staff member in the loop until now.
Facewatch, the retail facial-recognition platform already installed in more than 100 UK chains, plans to switch the capability on in autumn 2026 and is framing the feature as a UK first (the Guardian). Until now, a Facewatch match produced an internal alert inside the store, a duty manager reviewed it, and only after a human confirmed a hit would staff call the police. The new feature closes that last step. A match now generates an automatic alert sent directly to a police force, with the average latency that CEO Nick Fisher puts at "about four seconds" for "the worst offenders" on the watchlist (Talking Retail).
The four-second figure is Fisher's, not a regulator's measurement. Facewatch's launch materials and the trade press covering them all restate the same number (Security Journal UK, Security Brief UK, SLR Magazine). No UK biometric regulator has published an independent benchmark of the system's latency or accuracy, and Fisher has not said how often a flagged match turns out to be a true one.
That gap matters because the new feature changes the default action of a match. Under the existing model, a face-recognition hit is a starting signal; staff decide whether to escalate. Under the new model, the hit is the dispatch event. Staff and customers are still in the camera's field of view, but they are not in the decision path between a match and a police car being requested. A retail assistant who would previously have stepped in to verify an alert has, in effect, been removed from the loop.
Liberty policy officer Charlie Whelton calls the rollout "an untested, opaque development" with facial recognition "proliferating without anything to govern it" (the Guardian). The legal complaint is precise. Three regulators could plausibly claim part of the file: the ICO on biometric data, the Biometric Commissioner on policing and justice biometrics, and the Home Office's Surveillance Camera Code of Practice on cameras operated by, or on behalf of, relevant authorities. A private platform pushing matches to a police force sits across all three without clearly fitting any one of them, and none of the three has published a rule for closed-loop machine-to-police alerting in retail.
Fisher says the feature targets only "high-risk offenders" (repeat thieves and people subject to retail crime orders) and pitches it to retailers as a closed-loop UK crime platform (Security Brief UK). He has not, in the launch materials, named a police force that has signed an agreement to receive these alerts, set out the lawful basis for receiving them, or described any audit cadence for the system that puts a flagged face into the alert queue.
A watchlist curated by a private retailer network, run on private cameras inside a shop, now generates a request for a public emergency response. Fisher's four seconds is the time from match to that request. The open question is which regulator, on which timetable, will have to answer for a wrongful dispatch first.