The Crisis of Algorithmic Integrity: Architecting Resilient AI Systems in the Era of Biometric Liability

The rapid institutionalization of artificial intelligence within global commerce has transitioned from a phase of novel experimentation to one of mission-critical dependency. However, as organizations increasingly integrate autonomous decision-making systems into their operational cores, a widening "reliability gap" has emerged between the theoretical capabilities of AI and its real-world performance. This whitepaper, authored by the specialized engineering and risk advisory teams at Veriprajna, examines the systemic failures of "brittle" AI architectures through the lens of two seminal incidents: the Federal Trade Commission's five-year ban on Rite Aid’s facial recognition systems and the catastrophic misidentification of Harvey Murphy. These cases underscore an urgent reality: the prevalent "wrapper" model of AI deployment—characterized by a thin layer of interface over third-party APIs—is fundamentally inadequate for high-stakes enterprise environments. True operational resilience requires deep AI solutions characterized by uncertainty quantification, multi-agent governance, and rigorous biometric engineering.

The Anatomy of Institutional Negligence: The Rite Aid Administrative Ban

In December 2023, the Federal Trade Commission (FTC) took the unprecedented step of prohibiting Rite Aid Corporation from utilizing facial recognition technology (FRT) for security and surveillance purposes for a period of five years.¹ This enforcement action was not merely a response to isolated technical errors but a systemic critique of a decade-long failure to implement reasonable safeguards in the deployment of automated biometric systems. Between 2012 and 2020, Rite Aid deployed artificial intelligence-based surveillance across hundreds of retail locations with the intent of deterring shoplifting and identifying "persons of interest".² The resulting failure serves as a categorical warning to enterprises that treat AI as a "plug-and-play" utility rather than a complex engineering discipline.

The Procurement Trap and Vendor Dependency

The foundational error in the Rite Aid deployment was rooted in the procurement and integration strategy. The corporation obtained its facial recognition capabilities from two third-party vendors whose contracts expressly disclaimed any warranty regarding the accuracy or reliability of the results.³ This is a hallmark of the "wrapper" dependency model: the implementing organization assumes total liability for the outputs of a system it neither understands nor controls.⁴

Rite Aid failed to conduct rigorous product safety screenings or inquire about the extent to which the vendors had tested their technology for accuracy.² This lack of internal verification created a "black-box" environment where the retailer was blind to the inherent biases and error rates of the software it was deploying. Furthermore, the company failed to implement image quality controls, allowing low-quality still shots from CCTV cameras and even cell phone photos to be used as enrollment images.³ In biometric engineering, the relationship between input quality and output reliability is non-linear; the use of degraded imagery exponentially increases the probability of false-positive matches.⁶

Rite Aid Systemic Failure Points	Operational Consequence
Vendor Warranty Disclaimers	Transferred all technical and legal risk to the retailer.3
Lack of Accuracy Testing	Deployment of uncalibrated models in high-traffic environments.2
Degraded Input Quality	High False Positive Identification Rates (FPIR) from CCTV stills.3
Absence of Monitoring	Persistent use of biased models without intervention.2
Executive Oversight Gap	Violation of a 2010 data security order.1

Demographic Disparity and Algorithmic Bias

The statistical outcomes of Rite Aid's unmonitored system revealed a profound demographic skew. The FTC complaint alleged that the technology generated thousands of false-positive matches, with a disproportionate impact on women and people of color.² Specifically, the FRT was significantly more likely to trigger false alerts in stores located in plurality-Black and Asian communities compared to plurality-White communities.²

This bias was not an anomaly but a direct result of utilizing off-the-shelf models trained on non-representative datasets.⁸ Without custom adversarial debiasing or multi-scale feature fusion—techniques that Veriprajna advocates for high-stakes deployments—the models defaulted to the biases inherent in their training weights.⁸ The real-world consequence was a series of human rights violations: store employees, acting on low-confidence automated alerts, followed innocent customers, searched them, and publicly accused them of shoplifting.² In some instances, the system matched individuals with "persons of interest" who had been enrolled based on activity occurring thousands of miles away, or flagged the same person at dozens of different stores across the country simultaneously.²

The Doctrine of Model Disgorgement

The FTC settlement introduces a critical new regulatory tool: model disgorgement. Rite Aid is required not only to cease the use of the technology but to delete all "ill-gotten" biometric data and destroy any AI models or algorithms derived from that information.³ This mandate to "unlearn" models represents a massive operational loss and highlights the danger of building enterprise capabilities on a foundation of non-compliant data.¹¹ Any organization deploying AI today must ensure their architecture allows for the surgical removal of specific data influence, a capability that most simple wrappers lack.¹²

The Liability of Misidentification: The Case of Harvey Murphy

While the Rite Aid case illustrates systemic regulatory failure, the January 2024 lawsuit involving Harvey Eugene Murphy Jr. demonstrates the catastrophic personal and civil liability of algorithmic error. Murphy, a 61-year-old grandfather, was wrongfully arrested and jailed for ten days for a robbery he did not commit, based solely on a faulty AI facial recognition match from a Macy’s and Sunglass Hut system.¹³

The Failure of Cross-Enterprise AI Collaboration

The incident began with a January 2022 robbery at a Houston-area Sunglass Hut. EssilorLuxottica, the parent company of Sunglass Hut, collaborated with its retail partner, Macy’s, to utilize Macy’s facial recognition tools on low-quality surveillance footage of the crime.¹⁵ The system identified Murphy as the perpetrator, and this "positive" identification was handed to the police as definitive evidence.¹³

The technical failure here was multi-faceted. First, the software was used on imagery that was inherently unsuitable for biometric matching.¹⁴ Second, the system likely matched the surveillance footage against a database containing Murphy’s booking photo from non-violent offenses decades prior.¹³ This introduced the "age-gap" problem: studies have shown that matching current images against photos taken years or decades earlier can result in false-positive rates as high as 90%.¹⁴

Incident Parameters: Harvey Murphy Case	Details
Primary Claim	$10 million in damages for wrongful arrest and personal injury.13
Core Technical Failure	Misidentification via error-prone facial recognition software.14
Input Quality	Low-resolution, grainy surveillance footage.15
Alibi	Proof of residence in California at the time of the Texas robbery.13
Human Consequence	Brutal sexual assault and physical injury during wrongful detention.13

Reflexive Trust and the "Black-Box" Fallacy

The Murphy case highlights the danger of "reflexive trust" in AI. The lawsuit alleges that Sunglass Hut and Macy’s misled law enforcement by presenting an automated match as a verified fact.¹⁵ This caused the police to stop their investigation and rely on a tainted identification procedure.¹⁶ This phenomenon—where a machine output is treated with more authority than human alibis—is a recurring theme in AI-induced civil rights violations.¹⁶ Murphy was eventually exonerated only after the District Attorney’s office confirmed he was in Sacramento, California, on the day of the Houston robbery.¹³ However, by the time the mistake was corrected, Murphy had been sexually assaulted and beaten in jail, leaving him with lifelong injuries.¹³

For enterprises, the Murphy case is a stark reminder that the liability of AI failure extends far beyond the digital realm. The "negligent use" of facial recognition software can lead to multi-million dollar lawsuits and permanent reputational damage.¹⁴ It is the responsibility of the AI consultant and the implementing organization to ensure that every automated signal is subject to rigorous human-in-the-loop (HITL) validation, especially when personal liberty is at stake.¹⁸

The Architectural Divide: Deep AI vs. The API Wrapper

The failures described above are symptomatic of a broader trend in the AI industry: the proliferation of "AI wrappers." A wrapper is essentially a branded dashboard that sits on top of a third-party model (like those provided by OpenAI, Anthropic, or specialized biometric vendors), sending user data via API and returning the raw output.⁴ Veriprajna positions itself as a "deep AI" solution provider precisely because the wrapper model is fundamentally too brittle for enterprise-grade applications.

The Fragility of the Wrapper Model

Wrappers suffer from an asymmetrical business and technical model. They capitalize on usage and distribution but have no control over the underlying infrastructure.⁴ This leads to several critical risks:

1.​ Vendor Lock-In and Outages: A wrapper platform is entirely dependent on the uptime and pricing of its upstream provider. If a vendor like VAPI or Retell experiences an outage, every agency using that wrapper goes down simultaneously.⁵

2.​ Auditability Gaps: When an enterprise relies on a third-party "black-box" model, it cannot explain or audit how results were generated. This is a significant liability during compliance audits or legal disputes.¹²

3.​ Governance Deficit: Simple wrappers lack the structure to enforce order of operations or permissions. They often rely on "mega-prompts"—cramming all rules and documents into a single prompt—hoping the model performs correctly.²⁰

4.​ Security and Data Leakage: Wrappers may inadvertently feed sensitive customer data into the training pipelines of third-party models, breaching confidentiality and violating laws like GDPR or HIPAA.¹²

Deep AI: The Multi-Agent Systems (MAS) Philosophy

In contrast to the "one-part-does-it-all" wrapper approach, a deep AI solution utilizes Multi-Agent Systems (MAS). This architecture treats the LLM or biometric model as a single component within a team of specialized agents with defined responsibilities.²⁰

Agent Type	Strategic Function
Planning Agent	Decides the workflow and ensures all compliance steps are met.20
Workflow Agent	Enforces the correct sequence of operations (e.g., Consent → Verification → Action).20
Compliance Agent	Monitors outputs for tone, policy drift, and jailbreak exposure.20
Response Agent	Interacts with the user, pulling from verified RAG pipelines.20
Uncertainty Agent	Quantifies the confidence of the model's output before execution.21

A MAS architecture provides the deterministic guardrails required for high-stakes environments. Instead of asking one model to "identify the shoplifter and notify security," the system uses a chain of specialists: one agent validates image quality, another performs the 1:N match, a third assesses the uncertainty of that match, and a fourth flags the case for human review if thresholds aren't met.²⁰

The Science of Uncertainty: From Point Estimates to Probabilistic Risk

A central failure in both the Rite Aid and Macy’s cases was the treatment of an AI output as a binary truth. In reality, every AI output is a probabilistic estimate. Deep AI solutions move beyond simple accuracy scores to implement robust Uncertainty Quantification (UQ).²¹

Aleatoric vs. Epistemic Uncertainty

Uncertainty in AI systems is broadly categorized into two types, both of which must be addressed for a system to be considered "safe":

1.​ Aleatoric Uncertainty: Arises from the intrinsic randomness or noise in the data (e.g., sensor errors, motion blur, poor lighting in a retail store). This type of uncertainty is typically irreducible—no amount of training will fix an image that is missing data.²⁴

2.​ Epistemic Uncertainty: Stems from the model's limitations or lack of knowledge about a specific scenario (e.g., a demographic group it hasn't seen before, or an aged face). This can be reduced by providing more representative training data.²⁴

Brittle systems fail to distinguish between these two. A high-confidence score in a brittle system might simply mean the model is "overconfident" about a guess. A deep AI system uses techniques like Bayesian Neural Networks or Monte Carlo Dropout to produce a probability distribution rather than a single point estimate.²⁵

The Mathematical Framework for Reliability

Veriprajna advocates for the use of Conformal Prediction, a calibration step that ensures uncertainty in AI predictions falls within guaranteed bounds at a level of significance set by the user.²¹ This allows decision-makers to understand the reliability of a prediction before taking action. For example, if a system identifies a person with a match score of 0.85, the UQ layer might reveal that the "uncertainty distribution" is wide, meaning the 0.85 is statistically unreliable due to low image quality.²¹

This formula represents the guarantee that the true outcome will be contained within the prediction set with a probability of at least , where is the user-defined error rate. Implementing this level of mathematical rigor is what separates enterprise-grade solutions from simple API wrappers.²¹

Technical Paradigms: Open-Set vs. Closed-Set Identification

Another critical distinction in biometric engineering is the difference between closed-set and open-set recognition. Most commercial "off-the-shelf" systems are optimized for closed-set problems—situations where it is assumed the person being scanned is definitely in the database (e.g., unlocking a phone).²⁷

The Retail "Watch-List" Challenge

In retail security, the problem is almost always "open-set." The vast majority of people entering a store are "non-mated" subjects—they are not in the database of criminals.²⁷ A closed-set model will inevitably try to find the "best match" for every single person, leading to the thousands of false positives seen at Rite Aid.²⁷

Deep AI solutions utilize specialized loss functions, such as identification-detection loss, to optimize for open-set performance. These models are trained to not only identify a match but to accurately "reject" individuals who are not in the gallery.²⁷

Recognition Protocol	Assumption	Primary Metric
Closed-Set	Every probe subject is in the gallery.27	Rank-1 Accuracy.30
Open-Set	Most probe subjects are unknown/non-mated.27	FNIR at specific FPIR.27

The use of Extreme Value Machine (EVM) probabilities, which are open-set by design, allows for better rejection of "unknown unknowns"—individuals the system has never seen before and who should never trigger an alert.²⁹

Benchmarking for Trust: The Role of NIST and FRVT

To prevent the "reflexive trust" that led to the Harvey Murphy arrest, enterprises must rely on standardized benchmarks. The National Institute of Standards and Technology (NIST) Face Recognition Vendor Test (FRVT) is the global gold standard for assessing the performance, accuracy, and bias of facial recognition algorithms.⁷

Parsing NIST Metrics

NIST FRVT evaluations provide detailed "report cards" for vendors, measuring performance across different datasets:

●​ 1:1 Verification: Matching a probe image to a single gallery image (e.g., border control).⁷

●​ 1:N Identification: Searching a probe against a large database (e.g., retail watch-lists).³¹

●​ Mugshot and Border Datasets: Assessing performance on images with varying levels of quality and control.⁷

NIST specifically measures the False Non-Match Rate (FNMR) at a fixed False Match Rate (FMR). For high-security applications, the FMR is often set at a very low threshold (e.g., ), meaning the system only declares a match if the probability of a mistake is less than 1 in 1,000,000.⁷ Rite Aid’s failure can be viewed as a failure to set and monitor these thresholds according to NIST-standardized benchmarks.²

Demographic Performance Metrics

Crucially, NIST FRVT includes metrics for demographic performance, showing how well an algorithm performs across different genders, ages, and countries of origin.⁷ This data is essential for identifying the kind of racial bias that led to the FTC ban on Rite Aid. Any enterprise deploying FRT must require their vendors to provide NIST-validated report cards showing equitable performance across the demographics represented in their stores.⁷

The Regulatory Supercycle: NIST AI RMF and the EU AI Act

The era of unregulated AI is ending. Enterprises must now navigate a "regulatory supercycle" that mandates transparency, accountability, and risk management.

The NIST AI Risk Management Framework (AI RMF)

The NIST AI RMF is a voluntary but influential guide designed to improve the robustness and reliability of AI systems.³³ It revolves around four core functions:

1.​ Govern: Cultivating a risk-aware culture and clear governance structures.³⁴

2.​ Map: Contextualizing the AI system within its operational and ethical dimensions.³⁴

3.​ Measure: Quantifying risks through both qualitative and quantitative approaches (e.g., bias detection and performance metrics).³⁴

4.​ Manage: Prioritizing and addressing identified risks through technical controls and procedural safeguards.³⁴

The FTC's action against Rite Aid was effectively an enforcement of these principles. By failing to "measure" or "manage" the risks of its FRT, Rite Aid violated the "unfairness" clause of Section 5 of the FTC Act.¹¹

The EU AI Act: A Binding Mandate

While the NIST framework is voluntary in the US, the European Union's AI Act is a binding regulation that classifies AI systems by risk level.³³

●​ High-Risk Systems: Biometric identification systems in public spaces are automatically classified as high-risk.³⁷

●​ Mandatory Obligations: Providers of high-risk systems must conduct "Conformity Assessments," maintain "Detailed Technical Documentation," and ensure "Effective Human Oversight".³³

●​ Prohibited AI: Certain practices, such as scraping facial images from the internet or using real-time biometric identification for general law enforcement (with limited exceptions), are banned entirely.⁴⁰

EU AI Act Compliance Pillar	Technical Requirement
Data Governance	Training and testing datasets must be representative and error-free.36
Transparency	Deployers must be informed when they are interacting with AI.33
Human Oversight	Systems must allow for manual overrides and intervention.33
Record-Keeping	Automatic event logging to identify and mitigate risks.36

Organizations that use the NIST AI RMF today are better positioned to comply with the EU AI Act tomorrow, as they share the same foundational goals of transparency and accountability.³³

Mitigating Bias: Technical Strategies for Equitable Outcomes

The racial and gender bias cited in the Rite Aid and Murphy cases is not an inherent property of AI, but a failure of engineering. Deep AI solutions employ several advanced techniques to mitigate these harms.

Adversarial Debiasing and Fairness Constraints

Adversarial debiasing uses two competing networks: one to predict the target (e.g., identity) and an "adversary" that tries to predict a protected attribute (e.g., race or gender) from the first network's internal representation.¹⁰ If the adversary succeeds, the first network is penalized. This forces the model to find features that are "blind" to protected attributes while remaining accurate for the task.¹⁰

Additionally, "Fairness Constraints" can be integrated into the loss function to ensure equal error rates across different groups.¹⁹ For instance, a system can be mathematically forced to maintain the same False Match Rate for Black women as it does for White men.¹⁹

Multi-Scale Feature Fusion and Spatial Attention

Biometric bias often arises from poor lighting or low contrast, which disproportionately affects darker skin tones.⁶ "Multi-Scale Feature Fusion" extracts features at different resolutions to capture more contextual detail, while "Spatial Attention" mechanisms help the model focus on specific biometric landmarks (like the eyes or nose) and ignore background noise.⁸

Liveness and Spoof Detection

A robust biometric system must also distinguish between a real person and a "presentation attack" (e.g., a photo or a mask).⁷ NIST’s PAD (Presentation Attack Detection) test benchmarks these capabilities.⁷ Without these checks, a system is not only biased but insecure, susceptible to simple "brute-force" spoofing.⁶

Operationalizing Safety: The Human-in-the-Loop (HITL) Framework

The ultimate safeguard against the failure of autonomous systems is the integration of human judgment. Veriprajna advocates for a "Human-in-the-Loop" (HITL) framework that treats AI as an assistant, not an adjudicator.¹⁸

Identifying Critical Human Review Points

A well-designed HITL system uses confidence thresholds to prioritize human attention.²³

1.​ Auto-Reject: If confidence is below 70%, the match is discarded immediately.

2.​ Human Review: If confidence is between 70% and 95%, the system flags the case for manual verification.²³

3.​ Auto-Approve: Only if confidence is above 95% (and the task is low-consequence) does the system act autonomously.⁴²

Designing Effective Human Review Interfaces

In a retail or security setting, the human reviewer must have access to the original source data. An effective interface displays the original CCTV image next to the extracted gallery image, allowing the reviewer to spot anomalies that the AI might have missed, such as a mismatched ear shape or distinctive tattoo.²³

HITL Component	Benefit
Confidence Thresholding	Prevents "alert fatigue" by only flagging ambiguous cases.23
Audit Trails	Logs every human decision and override for legal defense.18
Continuous Feedback	Human corrections are used as labels to retrain and refine the model.42
Exception Handbook	Standardizes how humans should respond to "edge cases."23

The failure of Rite Aid’s system was partly due to the lack of "meaningful human review".² Employees were instructed to follow and confront customers based on automated alerts without being trained on the possibility of false positives.² A HITL framework empowers employees to question the AI and prevents the kind of "reflexive trust" that led to the Harvey Murphy arrest.¹⁶

Executive Summary: Building an AI-Native Tech Organization

The transition from "AI experimentation" to "AI operation" requires board-level oversight and a fundamental shift in corporate strategy.⁴⁴ As organizations move toward an "agentic workforce," where machines think and learn autonomously, the role of the Chief Risk Officer (CRO) and Chief Information Officer (CIO) becomes central.⁴⁶

Moving Beyond Pilot Purgatory

Many enterprises stall on AI because early successes in small pilots meet the reality of fragmented data and legacy systems.⁴⁴ Scaling AI requires:

●​ Clear Ownership: Assigning responsibility for AI outcomes, not just technical implementation.⁴⁴

●​ Data Reliability: Ensuring data lives across consistent rules and is maintained at a high quality.⁴⁴

●​ Modular Architecture: Adopting a modular approach to avoid "vendor lock-in," allowing the enterprise to swap, upgrade, and integrate models with less friction.⁴⁷

The ROI of Deep AI

While building a custom "Deep AI" solution is more resource-intensive than purchasing an off-the-shelf wrapper, the long-term ROI is significantly higher. Organizations that own their AI IP avoid recurring license fees, maintain full control over their data, and build a competitive moat through specialized performance.⁴⁸

Moreover, the cost of not building a robust system is now clear. Rite Aid faces a five-year ban and the destruction of its biometric assets; Macy’s and Sunglass Hut face a $10 million lawsuit and a public relations nightmare.¹ In this context, deep AI is not an luxury—it is a strategic necessity for the modern enterprise.

Strategic Recommendations for the Board

1.​ Conduct a "Wrapper Audit": Identify which AI capabilities in your organization are built on thin API dependencies and lack internal governance or auditability.

2.​ Implement Uncertainty Quantification: Mandate that all high-stakes AI outputs include a quantified confidence score and uncertainty distribution.

3.​ Benchmark Against NIST FRVT: Require all biometric vendors to provide performance report cards validated by NIST, with specific attention to demographic bias.

4.​ Codify Human-in-the-Loop: Ensure that no AI-driven decision affecting personal liberty or significant financial transactions occurs without a documented human review process.

5.​ Prepare for the EU AI Act: Even for US-based companies, aligning with the EU's standards for "High-Risk AI" is the best way to future-proof against upcoming domestic regulations.

Veriprajna specializes in helping organizations bridge the "reliability gap," moving from brittle, risky wrappers to robust, engineered AI systems. The future of enterprise AI is not just about what a model can do, but about how it can be trusted. In the era of biometric liability, accountability is the ultimate competitive advantage.

Works cited

1. Rite Aid Corporation, FTC v. | Federal Trade Commission, accessed February 6, 2026, https://www.ftc.gov/legal-library/browse/cases-proceedings/2023190-rite-aid-corporation-ftc-v

2. Rite Aid Banned from Using AI Facial Recognition After FTC Says ..., accessed February 6, 2026, https://www.ftc.gov/news-events/news/press-releases/2023/12/rite-aid-banned-using-ai-facial-recognition-after-ftc-says-retailer-deployed-technology-without

3. FTC Announces Groundbreaking Action Against Rite Aid for Unfair Use of AI - WilmerHale, accessed February 6, 2026, https://www.wilmerhale.com/en/insights/blogs/wilmerhale-privacy-and-cybersecurity-law/20240111-ftc-announces-groundbreaking-action-against-rite-aid-for-unfair-use-of-ai

4. Wrappers, deeptechs, and generative AI: a profitable but fragile house of cards, accessed February 6, 2026, https://www.duperrin.com/english/2025/05/20/wrappers-deeptechs-generative-ai/

5. The Hidden Costs of Voice AI Wrappers: Dependency, Pricing, and Support Risks - Trillet AI, accessed February 6, 2026, https://www.trillet.ai/blogs/voice-ai-wrapper-dependency-risks

6. Characteristics, limitations, and how to measure accuracy when ..., accessed February 6, 2026, https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/face/characteristics-and-limitations?view=foundry-classic

7. Introduction to NIST FRVT - Paravision, accessed February 6, 2026, https://www.paravision.ai/news/introduction-to-nist-frvt/

8. How To Mitigate Facial Recognition Bias in Identity Verification - HyperVerge, accessed February 6, 2026, https://hyperverge.co/blog/mitigating-facial-recognition-bias/

9. Countermeasures against bias and spoofing in modern facial recognition systems, accessed February 6, 2026, https://journalwjarr.com/index.php/content/countermeasures-against-bias-and-spoofing-modern-facial-recognition-systems

10. Adversarial Debiasing for Bias Mitigation in Healthcare AI Systems: A Literature Review, accessed February 6, 2026, https://www.scirp.org/journal/paperinformation?paperid=143081

11. Companies Deploying Facial Recognition Continue to be Watched; Rite Aid Banned from Using AI Facial Recognition - Kilpatrick Townsend, accessed February 6, 2026, https://ktslaw.com/Insights/Alert/2024/1/Companies-Deploying-Facial-Recognition-Continue-to-be-Watched

12. Risks of AI Wrapper Products and Features - Kader Law, accessed February 6, 2026, https://www.kaderlaw.com/blog/risks-of-ai-wrapper-products-and-features

13. Macy's Hit With $10M Lawsuit After Faulty AI Facial Recognition ..., accessed February 6, 2026, https://www.lawcommentary.com/articles/macys-hit-with-10m-lawsuit-after-faulty-ai-facial-recognition-software-leads-to-wrongful-arrest

14. Macy's faces $10 million lawsuit for using facial recognition to accuse man of robbery he did not commit | Technology, accessed February 6, 2026, https://english.elpais.com/technology/2024-01-24/macys-faces-10-million-lawsuit-for-using-facial-recognition-to-accuse-man-of-robbery-he-did-not-commit.html

15. Lawsuit: Facial recognition software leads to wrongful arrest of Texas man; he was in Sacramento at time of robbery - CBS News, accessed February 6, 2026, https://www.cbsnews.com/sacramento/news/texas-macys-sunglass-hut-facial-recognition-software-wrongful-arrest-sacramento-alibi/

16. Facial recognition used after Sunglass Hut robbery led to man's ..., accessed February 6, 2026, https://www.theguardian.com/technology/2024/jan/22/sunglass-hut-facial-recognition-wrongful-arrest-lawsuit

17. Texas man sues Macy's, Sunglass Hut for facial recognition wrongful arrest - YouTube, accessed February 6, 2026, https://www.youtube.com/watch?v=HWq7DNf4SLI

18. How to Keep Human In The Loop (HITL) During Gen AI Testing? - testRigor, accessed February 6, 2026, https://testrigor.com/blog/how-to-keep-human-in-the-loop-hitl-during-gen-ai-testing/

19. Addressing Gender Bias in Facial Recognition Technology: An Urgent Need for Fairness and Inclusion - Cogent Infotech, accessed February 6, 2026, https://www.cogentinfo.com/resources/addressing-gender-bias-in-facial-recognition-technology-an-urgent-need-for-fairness-and-inclusion

20. The great AI debate: Wrappers vs. Multi-Agent Systems in enterprise AI - Moveo.AI, accessed February 6, 2026, https://moveo.ai/blog/wrappers-vs-multi-agent-systems

21. Personalised Uncertainty Quantification in Artificial Intelligence - Research Communities, accessed February 6, 2026, https://communities.springernature.com/posts/personalised-uncertainty-quantification-in-artificial-intelligence

22. Operationalizing the R4VR-Framework: Safe Human-in-the-Loop Machine Learning for Image Recognition - MDPI, accessed February 6, 2026, https://www.mdpi.com/2227-9717/13/12/4086

23. Human-in-the-Loop AI in Document Workflows - Best Practices & Common Pitfalls - Parseur, accessed February 6, 2026, https://parseur.com/blog/hitl-best-practices

24. From Aleatoric to Epistemic: Exploring Uncertainty Quantification Techniques in Artificial Intelligence - arXiv, accessed February 6, 2026, https://arxiv.org/html/2501.03282v1

25. Evaluation of Uncertainty Quantification in Deep Learning - PMC, accessed February 6, 2026, https://pmc.ncbi.nlm.nih.gov/articles/PMC7274324/

26. Uncertainty Quantification | IBM, accessed February 6, 2026, https://www.ibm.com/think/topics/uncertainty-quantification

27. Open-Set Biometrics: Beyond Good Closed-Set Models - arXiv, accessed February 6, 2026, https://arxiv.org/html/2407.16133v1

28. What is difference between closed-set and open-set classification problem? - Stack Overflow, accessed February 6, 2026, https://stackoverflow.com/questions/62765276/what-is-difference-between-closed-set-and-open-set-classification-problem

29. Toward Open-Set Face Recognition, accessed February 6, 2026, https://openaccess.thecvf.com/content_cvpr_2017_workshops/w6/papers/Gunther_Toward_Open-Set_Face_CVPR_2017_paper.pdf

30. Comparison of open-set and closed-set face recognition. - ResearchGate, accessed February 6, 2026, https://www.researchgate.net/figure/Comparison-of-open-set-and-closed-set-face-recognition_fig1_316505674

31. The Best Globally Top Ranked Face Recognition Algorithm 2025 - KBY-AI, accessed February 6, 2026, https://kby-ai.com/top-ranked-face-recognition/

32. Face Recognition Technology Evaluation (FRTE) 1:1 Verification - NIST Pages, accessed February 6, 2026, https://pages.nist.gov/frvt/html/frvt11.html

33. NIST AI Risk Management Framework: A simple guide to smarter AI ..., accessed February 6, 2026, https://www.diligent.com/resources/blog/nist-ai-risk-management-framework

34. NIST AI Risk Management Framework (AI RMF) - Palo Alto Networks, accessed February 6, 2026, https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework

35. Safeguard the Future of AI: The Core Functions of the NIST AI RMF - AuditBoard, accessed February 6, 2026, https://auditboard.com/blog/nist-ai-rmf

36. High-level summary of the AI Act | EU Artificial Intelligence Act, accessed February 6, 2026, https://artificialintelligenceact.eu/high-level-summary/

37. Article 6: Classification Rules for High-Risk AI Systems | EU Artificial Intelligence Act, accessed February 6, 2026, https://artificialintelligenceact.eu/article/6/

38. Annex III: High-Risk AI Systems Referred to in Article 6(2) | EU Artificial Intelligence Act, accessed February 6, 2026, https://artificialintelligenceact.eu/annex/3/

39. Article 11: Technical Documentation | EU Artificial Intelligence Act, accessed February 6, 2026, https://artificialintelligenceact.eu/article/11/

40. Article 5: Prohibited AI Practices | EU Artificial Intelligence Act, accessed February 6, 2026, https://artificialintelligenceact.eu/article/5/

41. Human in the Loop AI: Benefits, Use Cases, and Best Practices - WitnessAI, accessed February 6, 2026, https://witness.ai/blog/human-in-the-loop-ai/

42. When Automation Breaks Trust: A Practical Guide to Human-in-the-Loop AI Workflows for SMBs | Artificial Intelligence | MyMobileLyfe | AI Consulting and Digital Marketing, accessed February 6, 2026, https://www.mymobilelyfe.com/artificial-intelligence/when-automation-breaks-trust-a-practical-guide-to-human-in-the-loop-ai-workflows-for-smbs/

43. Human-in-the-Loop AI (HITL) - Complete Guide to Benefits, Best Practices & Trends for 2026, accessed February 6, 2026, https://parseur.com/blog/human-in-the-loop-ai

44. Enterprise AI Consulting Framework for Business Leaders, accessed February 6, 2026, https://appinventiv.com/blog/enterprise-ai-consulting-framework-guide/

45. Tech Trends 2026 | Deloitte Insights, accessed February 6, 2026, https://www.deloitte.com/us/en/insights/topics/technology-management/tech-trends.html

46. Deploying agentic AI with safety and security: A playbook for technology leaders - McKinsey, accessed February 6, 2026, https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/deploying-agentic-ai-with-safety-and-security-a-playbook-for-technology-leaders

47. AI in the workplace: A report for 2025 - McKinsey, accessed February 6, 2026, https://www.mckinsey.com.br/capabilities/tech-and-ai/our-insights/superagency-in-the-workplace-empowering-people-to-unlock-ais-full-potential-at-work

48. Custom AI vs Off-the-Shelf AI : Which Is Right for Your Business?, accessed February 6, 2026, https://www.aalpha.net/blog/custom-ai-vs-off-the-shelf-ai/

49. Custom AI Software vs Off-the-shelf Artificial Intelligence Solution - Integrio Systems, accessed February 6, 2026, https://integrio.net/blog/custom-vs-of-the-shelf-artificial-intelligence