When AI Safety Is a Matter of Life or Death

Category: AI Safety / Practical Applications Reading Time: 7 minutes
How Menu Digitisation AI Must Get Allergen Verification Right Every Time
Most AI safety debates focus on AGI existential risk. Researchers publish papers about alignment problems. Policymakers draft frameworks for hypothetical superintelligence. Tech leaders warn about autonomous weapons.
But there's AI already deployed where mistakes literally kill people.
And it's not what you think.
It's restaurant menus.
The Hidden Stakes of "Boring" AI
Picture the scenario: a customer with a severe shellfish allergy orders from a digital menu. The menu states the dish is safe. It isn't. An AI-powered menu digitisation system has misread a handwritten note, or hallucinated an allergen-free claim that was never in the source text. No human reviewed it before it went live.
This isn't hypothetical as a category of risk. Food allergies cause a meaningful number of hospital admissions for anaphylaxis each year in the UK, with fatal outcomes occurring often enough that the Food Standards Agency maintains strict enforcement protocols.
The financial stakes are real too: restaurants face substantial fines for allergen labelling violations under EU Food Information Regulation 1169/2011. Wrongful death liability can reach into the millions. Reputational damage can force business closure.
And yet, menu digitisation AI is treated as a trivial application. "It's just OCR," developers say. "Basic natural language processing," AI researchers dismiss. "Low-stakes deployment," safety frameworks categorise.
They're all wrong.
Why Menu Digitisation Demands 100% Accuracy
Unlike most AI applications, menu digitisation operates under binary success criteria: either the allergen information is 100% accurate, or people die.
There's no room for "95% accuracy is good enough." There's no acceptable error rate. There's no trade-off between precision and recall that makes business sense.
Consider the technical challenge:
Input Variability:
Physical menus in varying conditions (creased, stained, photographed in poor lighting)
Handwritten specials boards with inconsistent legibility
PDFs with varying quality and embedded fonts
Multi-column layouts with complex formatting
Multilingual content (French, Dutch, English often on same Belgian menu)
Extraction Complexity:
14 major allergens must be identified across 30+ languages
Ingredient lists with regional terminology variations
Dish descriptions that imply allergen content without stating it
Chef's notes and preparation methods that affect allergen status
Seasonal ingredient substitutions
Failure Modes:
OCR Errors: "shellfish broth" becomes "shellfish-free both"
Hallucination: AI invents allergen information not present in source
Omission: Allergen present in dish but undetected in extraction
Translation Errors: Allergen term mistranslated between languages
Update Lag: Supplier changes ingredients, digital menu not updated
Each failure mode has the same outcome: potential anaphylaxis, legal liability, and reputational catastrophe.
The Regulatory Context: Zero Tolerance
EU Food Information Regulation 1169/2011 is unambiguous: food businesses must provide accurate allergen information for all foods. There's no clause for "AI did its best." There's no exemption for "the OCR confidence was high."
The Food Standards Agency in the UK enforces this with criminal prosecution powers. Allergen violations can result in:
Unlimited fines
Imprisonment up to 2 years
Business closure orders
Criminal records for restaurant owners
From a regulatory perspective, deploying unverified AI for allergen extraction is equivalent to serving food without checking ingredients. The law doesn't distinguish between human negligence and AI error - both result in the same penalties.
This creates an interesting AI safety challenge: how do you deploy AI in an environment with zero error tolerance while maintaining the economic viability that makes digitisation worthwhile?
AI Safety Principles Applied: The EasyMenus Framework
When EasyMenus approached VerityAI about designing verification frameworks for their menu digitisation platform, we faced this exact challenge. Their target market - independent restaurants on a low-cost monthly subscription - couldn't afford manual data entry at typical per-menu rates, but couldn't risk the legal exposure of unverified AI extraction either.
The solution required applying enterprise AI safety principles at SMB economics.
Risk Assessment: Mapping Failure Modes
We began by systematically identifying every way the system could produce incorrect allergen information:
1. Extraction Stage Failures
OCR misreading characters (especially handwritten content)
Layout detection errors (misassociating dish with allergen note)
Image quality issues (blurry photos, poor lighting, shadows)
2. Classification Stage Failures
Named entity recognition missing allergen keywords
False negatives on ingredient lists
Context misunderstanding (e.g., "nut-free" vs "contains nuts")
3. Translation Stage Failures
Allergen terms mistranslated between languages
Regional terminology variations (e.g., "groundnut" vs "peanut")
Idioms that imply allergen content indirectly
4. Propagation Failures
Ingredient changes not reflected in digital menu
Supplier substitutions not captured
Seasonal variations not updated
5. Edge Case Failures
Cross-contamination warnings
"May contain" vs "Contains" distinction
Preparation method allergen implications
Verification Architecture: Redundancy and Review
Based on this risk assessment, we designed a multi-layer verification system:
Layer 1: Ensemble OCR Rather than relying on a single OCR model, use three different engines and implement voting. If models disagree on allergen-related text, flag for human review.
Layer 2: Confidence Scoring Every allergen extraction gets a confidence score. Threshold: 90%. Below this, automatic human review queue routing. This isn't about achieving perfection - it's about knowing when you don't know.
Layer 3: Allergen-Specific NER General-purpose named entity recognition models aren't trained on food allergen terminology across languages. We specified training on FSA's 14 major allergens plus regional variations (e.g., "cacahuète" for peanut in French, "garnalen" for shrimp in Dutch).
Layer 4: Regulatory Database Cross-Reference Where possible, cross-reference extracted allergen data against supplier ingredient databases. If a restaurant uses specific suppliers with API access, validate menu allergen claims against source ingredient lists.
Layer 5: Version Control and Audit Trail Every menu change logged with attribution. If an allergen incident occurs, complete audit trail available: who changed what, when, what was the source, what was the confidence score, was it human-reviewed?
The Economics of Safety
This architecture adds cost and latency compared with a single-pass OCR approach. A meaningful share of extractions need routing to human review rather than being accepted automatically.
But consider the alternative: a single allergen incident can cost tens of thousands of pounds in fines alone, plus legal fees, reputation damage, and potential criminal prosecution.
At a low monthly subscription price, EasyMenus can absorb the human review costs while maintaining profitability. The restaurant gets allergen compliance for digital restaurant menus that meets FSA standards at a fraction of traditional menu printing costs.
More importantly: accuracy improved substantially once the ensemble-plus-review system replaced a single OCR model baseline. The residual error rate skews heavily toward false positives - the system flagging allergens that aren't present, which requires restaurants to verify rather than putting anyone at risk. False negatives (missing real allergens) became rare.
Lessons for AI Safety Practice
The menu digitisation case study reveals several principles applicable beyond food safety:
1. "Boring" Applications Aren't Low-Stakes
The AI safety community focuses disproportionately on dramatic scenarios: autonomous weapons, superintelligence, deepfakes. Meanwhile, "boring" enterprise AI applications are deployed with life-or-death consequences and minimal safety oversight.
Menu digitisation. Medical record transcription. Pharmaceutical dosage calculators. Financial compliance systems. Legal contract analysis.
These don't make headlines. They don't inspire Hollywood films. But they're deployed at scale, affect millions, and can kill people when they fail.
2. Regulatory Requirements Define Success Criteria
Generic AI safety frameworks talk about "alignment" and "robustness" without concrete definitions. In regulated industries, success criteria are legally specified: 100% allergen accuracy (food), 99.9%+ uptime (medical devices), zero unauthorised transactions (finance).
This provides clarity often missing from AI safety discourse. We don't need to debate philosophical questions about what "safe" means - the FSA has already defined it in regulation.
3. Human-in-Loop at Economic Viability
"Keep humans in the loop" is common AI safety advice. But humans are expensive. Pure human review of every menu is economically unworkable for a low-cost subscription business.
The solution: selective human review based on confidence thresholds, so only the extractions the system flags as uncertain get routed to a person. This makes the economics work while maintaining safety standards.
The lesson: human-in-loop doesn't mean human reviews everything - it means humans review what AI flags as uncertain.
4. Domain Expertise Matters More Than AI Expertise
Building the allergen verification system required more food safety expertise than AI expertise. Understanding FSA regulations, knowing how restaurants actually operate, recognising regional allergen terminology - these were the hard problems.
The AI components were relatively straightforward: ensemble OCR, NER, confidence scoring. Any competent ML engineer can implement these. But without food safety domain knowledge, you'd build the wrong thing.
AI safety practitioners need domain experts in the room. Philosophers and computer scientists alone won't identify the real failure modes.
5. Verification Scales Down
Enterprise AI safety practices - redundancy, audit trails, human review, confidence scoring - are often dismissed as too expensive for SMB applications.
The EasyMenus case proves otherwise. With thoughtful architecture, these principles work at low-cost subscription price points. You don't need enterprise budgets to implement enterprise safety standards.
The Broader Implications
If menu digitisation requires this level of safety thinking, what about:
Medical transcription AI (clinical decisions based on transcription errors)
Legal contract analysis (missed clauses leading to liability)
Financial compliance systems (regulatory violations from AI misclassification)
Hiring algorithms (discriminatory decisions from biased training data)
Content moderation (allowing illegal content through false negatives)
These applications aren't speculative future AI. They're deployed today. At scale. With real consequences.
Yet most operate without the verification frameworks we designed for restaurant menus. Why? Because they're not seen as "AI safety" problems - they're enterprise software problems. The AI safety community focuses on existential risk while deployed AI causes actual harm.
There's a gap in the field. We need practical AI safety frameworks for boring applications with real stakes. We need verification architectures that work at SMB economics. We need domain-specific safety standards, not generic principles.
Most importantly, we need to recognise that AI safety is already a matter of life or death - not in hypothetical AGI scenarios, but in restaurant kitchens, hospital records systems, and financial compliance platforms operating right now.
The question isn't "what will we do when superintelligence arrives?"
The question is "what are we doing about the AI that's already killing people?"
About the Author
Sotiris Spyrou is CEO of VerityAI, an AI compliance and risk management consultancy, and advisory tp EasyMenus.xyz. He specialises in applying AI safety frameworks to regulated industries and has advised companies on verification systems for food safety, healthcare, and financial services applications. Sotiris writes about practical AI safety at verityai.co/blog.
Disclosure: Sotiris is CEO of both VerityAI and EasyMenus. This article describes a genuine advisory engagement conducted to ensure allergen verification accuracy in menu digitisation systems.
Further Reading:
From OCR to Accuracy: Verifying AI-Generated Menu Content (companion article)
EasyMenus Case Study: AI Safety Frameworks for Menu Digitisation (full case study)
Published: 02 November 2025 Category: AI Safety, Practical Applications Tags: #AIComplaince #FoodSafety #AllergenVerification #MenuDigitisation #PracticalAISafety
If you want support with this, VerityAI offers AI compliance and risk review.

Sotiris Spyrou
Sotiris Spyrou is the founder of VerityAI, a Responsible AI advisory for boards and AI-deploying businesses. With 27 years across agencies, global in-house roles, and the C-suite, he advises leaders on AI governance and risk, and on answer-engine visibility engineered without the dark patterns the rest of the industry is getting penalised for. He is the author of TRANSFORM, AI Moats, and Ethical AI.
Founder at VerityAI