Skip to content

When AI Safety Is a Matter of Life or Death

Sotiris Spyrou

Share this article

LinkedInXEmail
When AI Safety Is a Matter of Life or Death

Category: AI Safety / Practical Applications Reading Time: 7 minutes

How Menu Digitisation AI Must Get Allergen Verification Right Every Time

Most AI safety debates focus on AGI existential risk. Researchers publish papers about alignment problems. Policymakers draft frameworks for hypothetical superintelligence. Tech leaders warn about autonomous weapons.

But there's AI already deployed where mistakes literally kill people.

And it's not what you think.

It's restaurant menus.

The Hidden Stakes of "Boring" AI

Picture the scenario: a customer with a severe shellfish allergy orders from a digital menu. The menu states the dish is safe. It isn't. An AI-powered menu digitisation system has misread a handwritten note, or hallucinated an allergen-free claim that was never in the source text. No human reviewed it before it went live.

This isn't hypothetical as a category of risk. Food allergies cause a meaningful number of hospital admissions for anaphylaxis each year in the UK, with fatal outcomes occurring often enough that the Food Standards Agency maintains strict enforcement protocols.

The financial stakes are real too: restaurants face substantial fines for allergen labelling violations under EU Food Information Regulation 1169/2011. Wrongful death liability can reach into the millions. Reputational damage can force business closure.

And yet, menu digitisation AI is treated as a trivial application. "It's just OCR," developers say. "Basic natural language processing," AI researchers dismiss. "Low-stakes deployment," safety frameworks categorise.

They're all wrong.

Why Menu Digitisation Demands 100% Accuracy

Unlike most AI applications, menu digitisation operates under binary success criteria: either the allergen information is 100% accurate, or people die.

There's no room for "95% accuracy is good enough." There's no acceptable error rate. There's no trade-off between precision and recall that makes business sense.

Consider the technical challenge:

Input Variability:

  • Physical menus in varying conditions (creased, stained, photographed in poor lighting)

  • Handwritten specials boards with inconsistent legibility

  • PDFs with varying quality and embedded fonts

  • Multi-column layouts with complex formatting

  • Multilingual content (French, Dutch, English often on same Belgian menu)

Extraction Complexity:

  • 14 major allergens must be identified across 30+ languages

  • Ingredient lists with regional terminology variations

  • Dish descriptions that imply allergen content without stating it

  • Chef's notes and preparation methods that affect allergen status

  • Seasonal ingredient substitutions

Failure Modes:

  • OCR Errors: "shellfish broth" becomes "shellfish-free both"

  • Hallucination: AI invents allergen information not present in source

  • Omission: Allergen present in dish but undetected in extraction

  • Translation Errors: Allergen term mistranslated between languages

  • Update Lag: Supplier changes ingredients, digital menu not updated

Each failure mode has the same outcome: potential anaphylaxis, legal liability, and reputational catastrophe.

The Regulatory Context: Zero Tolerance

EU Food Information Regulation 1169/2011 is unambiguous: food businesses must provide accurate allergen information for all foods. There's no clause for "AI did its best." There's no exemption for "the OCR confidence was high."

The Food Standards Agency in the UK enforces this with criminal prosecution powers. Allergen violations can result in:

  • Unlimited fines

  • Imprisonment up to 2 years

  • Business closure orders

  • Criminal records for restaurant owners

From a regulatory perspective, deploying unverified AI for allergen extraction is equivalent to serving food without checking ingredients. The law doesn't distinguish between human negligence and AI error - both result in the same penalties.

This creates an interesting AI safety challenge: how do you deploy AI in an environment with zero error tolerance while maintaining the economic viability that makes digitisation worthwhile?

AI Safety Principles Applied: The EasyMenus Framework

When EasyMenus approached VerityAI about designing verification frameworks for their menu digitisation platform, we faced this exact challenge. Their target market - independent restaurants on a low-cost monthly subscription - couldn't afford manual data entry at typical per-menu rates, but couldn't risk the legal exposure of unverified AI extraction either.

The solution required applying enterprise AI safety principles at SMB economics.

Risk Assessment: Mapping Failure Modes

We began by systematically identifying every way the system could produce incorrect allergen information:

1. Extraction Stage Failures

  • OCR misreading characters (especially handwritten content)

  • Layout detection errors (misassociating dish with allergen note)

  • Image quality issues (blurry photos, poor lighting, shadows)

2. Classification Stage Failures

  • Named entity recognition missing allergen keywords

  • False negatives on ingredient lists

  • Context misunderstanding (e.g., "nut-free" vs "contains nuts")

3. Translation Stage Failures

  • Allergen terms mistranslated between languages

  • Regional terminology variations (e.g., "groundnut" vs "peanut")

  • Idioms that imply allergen content indirectly

4. Propagation Failures

  • Ingredient changes not reflected in digital menu

  • Supplier substitutions not captured

  • Seasonal variations not updated

5. Edge Case Failures

  • Cross-contamination warnings

  • "May contain" vs "Contains" distinction

  • Preparation method allergen implications

Verification Architecture: Redundancy and Review

Based on this risk assessment, we designed a multi-layer verification system:

Layer 1: Ensemble OCR Rather than relying on a single OCR model, use three different engines and implement voting. If models disagree on allergen-related text, flag for human review.

Layer 2: Confidence Scoring Every allergen extraction gets a confidence score. Threshold: 90%. Below this, automatic human review queue routing. This isn't about achieving perfection - it's about knowing when you don't know.

Layer 3: Allergen-Specific NER General-purpose named entity recognition models aren't trained on food allergen terminology across languages. We specified training on FSA's 14 major allergens plus regional variations (e.g., "cacahuète" for peanut in French, "garnalen" for shrimp in Dutch).

Layer 4: Regulatory Database Cross-Reference Where possible, cross-reference extracted allergen data against supplier ingredient databases. If a restaurant uses specific suppliers with API access, validate menu allergen claims against source ingredient lists.

Layer 5: Version Control and Audit Trail Every menu change logged with attribution. If an allergen incident occurs, complete audit trail available: who changed what, when, what was the source, what was the confidence score, was it human-reviewed?

The Economics of Safety

This architecture adds cost and latency compared with a single-pass OCR approach. A meaningful share of extractions need routing to human review rather than being accepted automatically.

But consider the alternative: a single allergen incident can cost tens of thousands of pounds in fines alone, plus legal fees, reputation damage, and potential criminal prosecution.

At a low monthly subscription price, EasyMenus can absorb the human review costs while maintaining profitability. The restaurant gets allergen compliance for digital restaurant menus that meets FSA standards at a fraction of traditional menu printing costs.

More importantly: accuracy improved substantially once the ensemble-plus-review system replaced a single OCR model baseline. The residual error rate skews heavily toward false positives - the system flagging allergens that aren't present, which requires restaurants to verify rather than putting anyone at risk. False negatives (missing real allergens) became rare.

Lessons for AI Safety Practice

The menu digitisation case study reveals several principles applicable beyond food safety:

1. "Boring" Applications Aren't Low-Stakes

The AI safety community focuses disproportionately on dramatic scenarios: autonomous weapons, superintelligence, deepfakes. Meanwhile, "boring" enterprise AI applications are deployed with life-or-death consequences and minimal safety oversight.

Menu digitisation. Medical record transcription. Pharmaceutical dosage calculators. Financial compliance systems. Legal contract analysis.

These don't make headlines. They don't inspire Hollywood films. But they're deployed at scale, affect millions, and can kill people when they fail.

2. Regulatory Requirements Define Success Criteria

Generic AI safety frameworks talk about "alignment" and "robustness" without concrete definitions. In regulated industries, success criteria are legally specified: 100% allergen accuracy (food), 99.9%+ uptime (medical devices), zero unauthorised transactions (finance).

This provides clarity often missing from AI safety discourse. We don't need to debate philosophical questions about what "safe" means - the FSA has already defined it in regulation.

3. Human-in-Loop at Economic Viability

"Keep humans in the loop" is common AI safety advice. But humans are expensive. Pure human review of every menu is economically unworkable for a low-cost subscription business.

The solution: selective human review based on confidence thresholds, so only the extractions the system flags as uncertain get routed to a person. This makes the economics work while maintaining safety standards.

The lesson: human-in-loop doesn't mean human reviews everything - it means humans review what AI flags as uncertain.

4. Domain Expertise Matters More Than AI Expertise

Building the allergen verification system required more food safety expertise than AI expertise. Understanding FSA regulations, knowing how restaurants actually operate, recognising regional allergen terminology - these were the hard problems.

The AI components were relatively straightforward: ensemble OCR, NER, confidence scoring. Any competent ML engineer can implement these. But without food safety domain knowledge, you'd build the wrong thing.

AI safety practitioners need domain experts in the room. Philosophers and computer scientists alone won't identify the real failure modes.

5. Verification Scales Down

Enterprise AI safety practices - redundancy, audit trails, human review, confidence scoring - are often dismissed as too expensive for SMB applications.

The EasyMenus case proves otherwise. With thoughtful architecture, these principles work at low-cost subscription price points. You don't need enterprise budgets to implement enterprise safety standards.

The Broader Implications

If menu digitisation requires this level of safety thinking, what about:

  • Medical transcription AI (clinical decisions based on transcription errors)

  • Legal contract analysis (missed clauses leading to liability)

  • Financial compliance systems (regulatory violations from AI misclassification)

  • Hiring algorithms (discriminatory decisions from biased training data)

  • Content moderation (allowing illegal content through false negatives)

These applications aren't speculative future AI. They're deployed today. At scale. With real consequences.

Yet most operate without the verification frameworks we designed for restaurant menus. Why? Because they're not seen as "AI safety" problems - they're enterprise software problems. The AI safety community focuses on existential risk while deployed AI causes actual harm.

There's a gap in the field. We need practical AI safety frameworks for boring applications with real stakes. We need verification architectures that work at SMB economics. We need domain-specific safety standards, not generic principles.

Most importantly, we need to recognise that AI safety is already a matter of life or death - not in hypothetical AGI scenarios, but in restaurant kitchens, hospital records systems, and financial compliance platforms operating right now.

The question isn't "what will we do when superintelligence arrives?"

The question is "what are we doing about the AI that's already killing people?"

About the Author

Sotiris Spyrou is CEO of VerityAI, an AI compliance and risk management consultancy, and advisory tp EasyMenus.xyz. He specialises in applying AI safety frameworks to regulated industries and has advised companies on verification systems for food safety, healthcare, and financial services applications. Sotiris writes about practical AI safety at verityai.co/blog.

Disclosure: Sotiris is CEO of both VerityAI and EasyMenus. This article describes a genuine advisory engagement conducted to ensure allergen verification accuracy in menu digitisation systems.

Further Reading:

Published: 02 November 2025 Category: AI Safety, Practical Applications Tags: #AIComplaince #FoodSafety #AllergenVerification #MenuDigitisation #PracticalAISafety

If you want support with this, VerityAI offers AI compliance and risk review.

Share this article

LinkedInXEmail
Sotiris Spyrou - Author

Sotiris Spyrou

Sotiris Spyrou is the founder of VerityAI, a Responsible AI advisory for boards and AI-deploying businesses. With 27 years across agencies, global in-house roles, and the C-suite, he advises leaders on AI governance and risk, and on answer-engine visibility engineered without the dark patterns the rest of the industry is getting penalised for. He is the author of TRANSFORM, AI Moats, and Ethical AI.

Founder at VerityAI