K-Mart, Facial Recognition, New Privacy Concerns
As advancements in the fields of artificial intelligence and machine learning continue to be made, the ways in which these forms of technology are utilized within mainstream society continue to expand. This being the case, one common application of AI and machine learning in the business world as it stands today is in facial recognition software, as many retail businesses have begun using facial recognition for the purposes of cutting down on retail theft, as well as providing additional safety measures for employees and customers alike who visit a particular retail location on a given day. However, despite the benefits that facial recognition cameras may offer from a business perspective, this has also become associated with a number of concerns as it pertains to personal privacy.
To this point, American retail company Kmart, as well as Australian household hardware chain Bunnings Warehouse has come under fire for their use of facial recognition cameras in their respective stores across the nation of Australia in the past few months. More specifically, these two companies are currently under investigation by the Office of the Australian Information Commissioner (OAIC), the country’s primary data protection agency, over their use of such technology with respect to the nation’s foremost data privacy law, Australia’s Consumer Data Right (CDR). This investigation is in response to a report that was conducted by the Australian Consumers’ Association, more commonly known as CHOICE.
For reference, the report that the Australian Consumers’ Association conducted “probed 25 of “Australia’s most-trusted retailers”, and found Kmart, Bunnings and The Good Guys were “capturing the biometric data of their customers”. On top of this, CHOICE also surveyed more than 1000 customers of these retailers individually between March and April of this year as a part of its report. To this end, CHOICE also revealed that 76% of Australian residents were not aware that retailers such as Kmart and Bunnings have been both capturing and retaining pictures of their faces using facial recognition technology, despite the fact that these stores had allegedly posted “small signs at the entrance of stores where the technology was in use”.
While many people around the world may think about social security numbers, financial details, or email addresses when talking about their most sensitive forms of personal information, advancements in artificial intelligence have also given rise to the collection of biometric data. From facial recognition scans to fingerprint identification, biometric data can be obtained from everyday people in a number of ways. While the collection of such personal information does not inherently infringe on the personal privacy of individuals, the manner in which technological solutions that work to collect and process biometric data have been implemented in stores such as Kmart and Bunnings has left many people unaware and confused about what their rights are with regard to data protection.
Facial recognition tech and bias
What’s more, facial recognition technology, in general, has long been associated with bias, as the accuracy and effectiveness of such technology largely depend on the diversity of the training data that was used to create such applications. For example, a facial recognition software program that has only been trained on pictures of males could potentially misidentify the picture of a woman that walks into a retail store such as Kmart, causing stress and legal ramifications for all parties involved. Moreover, gender inequality is just one of the multitude of ways in which bias can interfere with the efficiency of a facial recognition software application, as a camera that utilizes such technology within a retail store location such as Kmart will be scanning the faces of individuals that come from all kinds of backgrounds, ethnicities, nationalities, and ages, among other things.
Notwithstanding the questions of bias and personal data protection, the application of facial recognition software in a business setting such as a retail store has also led to concerns over mass surveillance. To illustrate this point further, the multinational technology and social media company Meta recently discontinued the use of their facial recognition software in November of 2021, after it was discovered that they had obtained the biometric data of more than 1 billion people worldwide. Irrespective of any privacy legislation that may be passed within a particular country or jurisdiction, regulating a company that has access to facial scans of hundreds of millions of different individuals is all but impossible.
While Kmart and Bunnings both maintain that the facial recognition technology that is utilized within their various retail locations was aimed at preventing banned people or criminals from entering their stores without permission, the two companies have nonetheless stated that they have discontinued the use of such technology as of July of 2022. Nevertheless, the discontinuation of facial recognition software cameras still does not address the biometric data that a retail store such as Kmart may still retain. With all this being said, it remains to be seen if the actions of Kmart and Bunnings constituted a violation of Consumer Data Right (CDR), as well as what the implications of such a violation would be.