Australia’s favourite outlet of sausage sangas, Bunnings Warehouse, has come under the fire of the Australian Privacy Commissioner, after claims the hardware retail giant has breached privacy laws over three years.
After two years of investigation by the privacy regulator, it concluded that Bunnings had used facial recognition technology on customers without getting proper consent. The case has been described as a landmark, due to how it will impact the way businesses use facial ID tech going forward.
Australian Privacy Commissioner Carly Kind described how the “ethically challenging” technology was used to collect customer’s data without them knowing.
“Individuals who entered the relevant Bunnings stores at the time would not have been aware that facial recognition technology was in use and especially that their sensitive information was being collected, even if briefly,” Kind said in a statement.
The facial ID technology would collect a Bunnings shopper’s “faceprint”, AKA the same kind of biometric data used by Face ID to unlock your phone.
According to the Privacy Commissioner, the breach has impacted hundreds of thousands of customers in NSW and Victoria, across 63 Bunnings locations from November 6, 2018, to November 30, 2021.
During the investigation, Bunnings explained that the reason behind the data being collected was so that it could cross-check the faces of people entering a store with individuals it believed/knew had been security threats or committed theft in the past.
“We know that some 70 per cent of incidents are caused by the same group of people,” said Bunnings’ managing director Mike Schneider.
“While we can physically ban them from our stores, with thousands of daily visitors, it is virtually impossible to enforce these bans. Facial recognition technology provided the fastest and most accurate way of identifying these individuals and quickly removing them from our stores.”
For the majority of customers who didn’t pose any risk, their biometric data was almost instantly deleted automatically.
However, the Privacy Commissioner asserted that the collection of this highly sensitive data still needs to be considered carefully, and any “possible benefits need to be weighed against the impact on privacy rights”.
“Facial recognition technology may have been an efficient and cost-effective option available to Bunnings at the time in its well-intentioned efforts to address unlawful activity, which included incidents of violence and aggression,” Kind said.
“However, just because a technology may be helpful or convenient, does not mean its use is justifiable.
“In this instance, deploying facial recognition technology was the most intrusive option, disproportionately interfering with the privacy of everyone who entered its stores, not just high-risk individuals.”
As a result of the landmark finding by the commissioner, Bunnings has been ordered to delete all sensitive personal information it still has within the next year. It has also been told not to continue the practise.
Bunnings has said it will seek a review of the finding, as it believes it was using the technology appropriately as protection from organised crime.
Lead Image: Getty
The post Bunnings Warehouse Breached Privacy Laws By Using Facial Recognition On Customers appeared first on PEDESTRIAN.TV .
