Bunnings Under Fire for Breach of Privacy Laws with Facial Recognition Technology

….Bunnings used facial Recognition technology on customers entering their shops without their consent

By Kwedu News

Bunnings is under fire from the Office of the Australian Information Commissioner (OAIC) after a two-year investigation revealed that they breached privacy laws by using facial recognition technology on its customers without proper consent.

Over 60 Bunnings stores in New South Wales and Victoria were using the software with hundreds of thousands customers’ privacy interfered with.

Bunnings did not request for consent from its customers to be scanned, the OAIC says.

Facial recognition technology collects and stores people’s individual ‘faceprints’, which are considered highly sensitive biometric data under Australian privacy law.

The investigations revealed that the system scanned customer faces in store and cross-checked them against what Bunnings said was ‘a list of enrolled individuals’ who they knew or suspected were a security risk in the past, either by behaving violently or stealing.

Bunnings said where the system found matches, it raised an alert.

Australian Privacy Commissioner, Carly Kind, says ndividuals who entered the relevant Bunnings stores at the time would not have been aware that facial recognition technology was in use and especially that their sensitive information was being collected, even if briefly.

Bunnings says the technology was used to protect it’s staff and customers.

“The retail giant says the technology was used to protect staff and customers from increasing exposure to violent and organised crime,” a report by the Australian Broadcasting Corporation says on the issue.

The investigation revealed that Bunnings used the facial recognition technology between 2018 and 2021 and has raised eyebrows.

“Facial recognition technology, and the surveillance it enables, has emerged as one of the most ethically challenging new technologies,” Commissioner kind says.

The company has been ordered to destroy all personal and sensitive information collected and publish an apology statement on their website within 30 days.

They, however, are seeking to appeal against the decisions of the OAIC.

The case is expected to have major implications for how Australian businesses use the technology in future.

The Privacy Commissioner ruled that the benefits did not justify the invasion of privacy.

“Just because a technology may be helpful or convenient, does not mean its use is justifiable,” Commissioner Kind said.

Bunnings is not the only store found to be using the face recognition technology as consumer advocacy group, Choice, revealed that Kmart and The Good Guys were also using the technology.

“Kmart is also being investigated by the regulator for in-store use of facial recognition technology, but a finding is yet to be made,” ABC reports.

It also says the regulator did not proceed with investigations into The Good Guys.

In its defense, Kmart says using the technology to prevent criminal activities is legitimate.

The three outlets halted the practice after the Choice raised an alarm.