Bunnings Breached Privacy Laws by Using Facial Recognition on Customers, Privacy Commissioner Finds

Pretty poor form from Bunnings/Hammerbarn.

In short
A landmark decision by the Privacy Commissioner has found hardware chain Bunnings breached privacy laws by using facial recognition technology on its customers.
Retailers argue the technology helps prevent theft, but the Privacy Commissioner says Bunnings did not gain proper consent to capture people's unique biometric data.

What's next?
The Commissioner has ordered Bunnings not to repeat the behaviour and to destroy all personal information collected.

ABC article

Shame there won’t be a financial penalty.

Comments

  • +45

    I always leave home with a balaclava on for this reason

    • +3

      A few infrared LEDs under the brim of a hat is meant to work as well.

      • +7

        Doesn't it get hot under the foil?¿

        • +4

          not if it has active cooling with inbuilt fan and heatsink

    • +1

      You can't beat gait detection, even putting stones in your shoes doesn't work.

      • +5

        Amputate so you can vary height and stride length if you aren't a casual.

        • Seems like good advice for full time Bunnings staff, also!

      • +23

        If you walk without rhythm then you won't attract the worm.

    • Fashion statement is just the beginning…

    • +1

      lol, thanks to the government a covid mask is easier.

    • +2

      I'm purposely posting this here to highlight this article.

      https://www.theage.com.au/business/workplace/bunnings-has-ne…

      They can sort the privacy parts out with the government.

      If the surveillance system is in there to genuinely reduce harm to the staff then I am all for it.

      No one should be threatened at or be scared of going to work, especially from customers.

      Your temporary 0.004 sec mug shot is a trivial concern when it comes to the safety of staff.

      I literally left my career because customers treated us like shit and we would have violent/aggressive customers on a daily basis.

      Your bargains/privacy cannot compare to staff safety.

      I'm not a fan of bunnings market dominance, but I resonate with the fact someone there is trying to actually protect their staff.

    • +76

      This lax attitude towards privacy needs to (profanity) right off.

    • +15

      Why do they need to recognise my face when I buy drill bits or seedlings?

      • +13

        So that in the future if your social credit score is too low you can be detected and shamed/harassed/whatever like they do in China?

        • +6

          Meh, life is basically already like that in Australia. More or less.

          Growing up poor or growing up rich, you may as well tattoo it as a credit score on your forehead in Australia if you look at the actual outcomes of the average people in those situations.

          In Adelaide we call this unwritten social credit system "What school did you go to?".

          • @AustriaBargain: Sure, but in terms of being spied on everywhere we go are we all being treated the same regardless?

            • +3

              @EightImmortals: Yeah we have that too, it's called gossiping about each other's income and stalking each other's social media.

          • @AustriaBargain: might watch that movie out of time with JT

      • -1

        Cause it’s usually aggressive bogan tradies driving utes

      • +4

        The bigger question is, why DON'T they need to recognise the face of the guy that held a sharp garden tool to the throat of a young female employee in previous visits??!

        You, they don't give two sh!tes about and they clearly demonstrated they were getting rid of data for anyone not of concern in seconds.

        You do realise plenty of government CCTV, stadiums, train station sites, public spaces are doing this all the time. At least Bunnings can put it in their conditions of entry and we can choose whether to go there?

        I know a staff member at Bunnings who within 24 hours of this decision was talking about how they had to put up with a guy wielding an axe handle he'd picked up in the store for hours going around freaking out customers and staff and seemingly looking for opportunistic robbery opportunities by checking every car in the car park. Apparently this sort of thing is a common occurrence.

        The oppressed party here is Bunnings - they have a right to exclude people from their stores who break the law, they are private property. The government overreach is restricting their ability to do that and keep their team members safe despite them having robust procedures in place for using it in an appropriate and secure way.

        • -1

          Why don't they hire security staff for security issues?

          • @JH100: Firstly in trouble areas they do. They would be very much assisted by this useful tech by being able to turn someone around at the door.
            Secondly, security staff at almost any law abiding store can't really touch anyone for fear of being sued and they aren't cops with those powers, so once causing trouble inside they can only really shadow them and ask them to leave until the police arrive.
            Thirdly, the same person with a photographic memory can't recognise all the troublemakers from every shift and immediately spot them on walking in -

            Companies have been putting CCTV snapshots / photos and names up on the wall and expecting staff to recognise them and deny entry or service for as long as I can remember - a very error-ridden system versus doing the exact same thing with a camera and facial recognition in a secure system not used for marketing or anything else.

            It's no different - just an old luddite judge not understanding technology as happens from time to time.

            • @MrFrugalSpend: "Firstly in trouble areas they do."

              Isn't that the only place they need security?

        • Big difference between facial recognition and CCTV. Can't see how it's a government overreach when Bunnings breached privacy laws, it's their own dumb fault for not going about it in the proper way.
          Facial recognition to identify offenders, what are they gonna do when one walks in? Call the police in advance? Have staff tell them they can't come in and cause a scene.

          • +3

            @spixder: Probably call the police and let them know the person who attacked staff or stole items or whatever has returned and is in store.
            Then wait and be disappointed by the reaction times of police in Australia as they don't arrive in time to do anything quite often.
            I've run my fair share of retail stores and have at times locked stores while dealing with return offenders while others call the cops to show up, fraud and theft is one thing but assault on employees isn't ok, maybe you've not dealt with the wedge of society that is just pure trash enough to know how bad it gets.

            I see no issue with it given the very short time of storage and the use case as long as it's not expanded to other things.

            I do have a problem with the Scentre Group/Quividi screens that use cameras and detection/recognition to track your movements around a Westfield for advertising purposes or to see how much you shop, where you shop and gather that sort of info just to be better able to advertise.
            That is more insidious and has higher chances of becoming more invasive for people who just go to the shops.

          • @spixder: Given governments write the laws, and are interpreting and implying them… that's what makes it government overreach. It's all government action.

            I didn't read into the full detail but from a basic overview, I believe personal information was defined as "Information or an opinion about an identified individual, or an individual who is reasonably identifiable".

            This was semantics over interpretation. This sort of tech didn't exist when it was written. It was written about "information" - which traditionally meant things like people's identifying details Name & DOB correlation, address, medicare number and medical history etc was private information. Bunnings didn't see using this software as gathering "information" about people - the secured software was simply doing its thing the same as if you trained security staff to look at photos and the CCTV and spot troublemakers - they automated it using AI especially since capturing CCTV images has been allowed to date.

            The privacy commissioner then decided to interpret the poor definition of the laws to determine what the software was doing was collecting personal information because it was collecting characteristics about people by measuring them etc. They were correlating that data to identify the troublemakers, i.e. making it reasonably identifiable data. It's a new decision - it was not clear cut prior to this decision that it was breaching privacy laws.

            If it were me, I think the law makers should allow this provided it is consented to on conditions of entry and kept secure for security purposes. Otherwise, it is government overreach.

    • +2

      I'm sure you are in favour of the "misinformation" bill too….

    • +1

      This. People like this is what I don't want the future ozbargain generation to know about FFS.

      • -4

        Don’t bother, same don’t want to meet you either ahaha I can imagine how affected are you by this. No time. Thanks

        • +1

          Are you sure? We must have crossed paths at bunnings sometime..

    • -2

      “Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.”
      ― Benjamin Franklin

      • +1

        We aren't giving up any liberty - "the state of being free within society from oppressive restrictions imposed by authority on one's way of life, behaviour, or political views" - Bunnings are not restricting your way of life or political views or holding you a slave by using this tech! So long as they make it clear in their conditions of entry and use it appropriately as they have - you are free to shop at Bunnings or not. That's your liberty. It's Bunnings as a private company that is being forced to give up a liberty by this decision. They aren't using the data for anything other than identifying people who have broken the law in their store so they can exercise THEIR liberty to exclude those people from their property so their staff are safe. The government is FORCING them to give up that liberty through their government overreach.

        I can't really see how it is any different from the thousands of times a year we appear on CCTV, traffic cams, plus tracked all over the place - on our phones, the internet etc. It's far less intrusive than most of that.

    • You probably don't actually know what facial recognition is / what the requirements would be.

      You need to consider where this data is stored, how we identify fredfloresjr, is there a unique identifier tied to him, what do we do with the data, who has access to see when you frequent the store.

      Stalkers best case scenario really if they had access.

      You need to consider ALL implications of how mismanaging your largely pointless from a loss prevention point of view facial recognition may affect customers / the public when abused.

    • +1

      Most CCTVs now are equipped with facial recognition.

      No they aren't

      Cameras might have facial detection in them to detect a face, but that doesn't identify the person, it just knows there's a face. That's not a privacy issue.

      Cameras don't have facial recognition in them, to do that you need a database of people faces with names/profile so that the face can be linked to an individual.

  • +3

    Isn't this standard in colesworths though? I thought there was some sort of condition of entry written on a wall somewhere in the stores.

    • iirc they use height or something like that to track, not facial recognition

      • +7

        They fail at that if height is what they use. The cameras are always on my forehead, I'm tempted to put a pair of googly eyes there to see if that breaks the system.

        The checkout system definitely uses some sort of recognition system, though. It has been very good at detecting the fruits and veggies.

        • +1

          The checkout system definitely uses some sort of recognition system, though. It has been very good at detecting the fruits and veggies.

          It does - I noticed it being pretty intelligent when providing options for selecting fruit/vegetables and so I asked the staff member monitoring the self serve area. They said that the cameras on the register are recognising the item and only providing relevant options.

          • @Chandler: Woolies were pinged for using biometric data at the self-serve checkouts a long, long, time ago.

            Despite this clear warning, and advice from any tech person with a pair of eyes or ears, Bunnings carried on with their IoT camera rollout.

            https://www.internationalaffairs.org.au/australianoutlook/re…

            Their lobbyists clearly already knew OzGov would be happy with them mining the Peasant's personal biometric resources. Like some mineral resources, and LNG, mates all get to collect for free.

            These devices are all vulnerable to abuse, and use cloud-based recon by default. China gets all the data before Bunnings', law enforcement (or even your local librarians), which is why the spooks eventually told OzGov to buy using security-approved producers. They fell short of going any further and providing direction to business. Perhaps our pollies pay others to go to the Boonoir, while they consume grapes somewhere nicer.

            If enough customers asked Bunnings to sack their CEO for collecting and sharing our biometric data with world+dog it would work. Or if their shops began suffering at the till. OzGov are incapable of making them re-think such evil activity or even making them even respect existing (inadequate) laws.

            I've gone back to my local businesses since they started turning their stores into Colditzes, what with all these cams, robotic checkouts, and constant loud-hailed propaganda announcements telling us to manage our behaviour, or else!

      • +2

        Skin colour as well.

    • +8

      No.

      https://www.woolworthsgroup.com.au/au/en/privacy/in-store-te…

      It’s also important to note that we do not use facial recognition technology in any of our store

      https://www.smh.com.au/technology/the-self-serve-is-frustrat…

      "Cameras used by Coles do not record personal information or have facial recognition" (December 2023)

  • +2

    I think people might be surprised how normal this is for big business..

    • +3

      IIRC, three stores have tried this - Bunnings, Good Guys and Kmart. Are you aware of any others?

      • Costco Ringwood have recently put it in place, I hope they get sued.

    • Proof? Or just a "feeling"?

  • +1

    Excellent and hopefully will see flow on to other retailers

    • -1

      How will they stop aggressive bogan tradies driving utes?

      • But that's their core business 🤷‍♀️

  • +13

    I would like to see the stats on how many thieves they actually caught using their facial recognition cams.

    • And if you're worried about the size of your appendage, who cares, just hang it out …

      And if you're worried about that hemorrhoid, just bend over and take it …

      Hang on, you don't need a hemorrhoid for that, just obey what @TheMindsetTraveller says is acceptable! (might be time to immigrate to China)

    • -2

      Not sure why you're negged… it's all true…

  • +3

    I’m looking forward to their AI powered onions so they can return to their rightful place atop the sausage

    • Maybe they should start doing brain detection for JV and his sock puppets 🤔

  • +11

    I'm waiting for some dodgy lawyer to do a class action. I want a free bunnings sausage as compensation.

    • Not unless u one of those aggressive bogan tradies driving utes in mullets

      • +2

        Did a bogan run off with your girlfriend, wife or mother? You’ve posted the same variation of comment multiple times.

        • Not just a bogan, but a bogan tradie that drives a ute.

  • +2

    Privacy-conscious will not like this assertion, but… such rulings are based purely on a technicality of technology. Loss prevention officers walk around doing "facial recognition" every day. They can "recognize" you, follow you, and they can take note of your activity even before you enter the store. Consent is not asked, and in fact, it is not required at all. Many of them have a list of persons of interest they follow. But when software does their job, it's now a weird quirk of the law that now it's a problem.

    Mind you, I'm not saying this to "devil's advocate" and cry "boohoo poor innocent business" or anything. But my concern is, our local privacy legislation is just… well, it is unclear. Rulings like this could easily go one way or the other depending on the whims of the commissioner. We don't have any robust framework for what data is/isn't ours, and how consent is given, and how it can be revoked, if at all. We don't have an "Australian GDPR" for example.

    So I think it's to be expected that businesses are "doing their own thing." Nobody is telling them what the boundaries are. Of course it becomes a wild west.

    • +10

      Do you really think that automated, country wide facial recognition systems are identical in their privacy threat to a security guard at one location?
      But I agree the privacy regulations need a drastic overhaul.

    • +6

      I think you're slightly missing the point. The issue isn't the facial recognition, the issue is the database behind it. It's the collection and storage of your personal data without your consent, using something that can be hacked or otherwise misused without your knowledge.

      Yep, we can have the same OUTCOMES using people, you're correct, and that's the way it was done before we had this technology.

  • +2

    The Commissioner has ordered Bunnings not to repeat the behaviour and to destroy all personal information collected.

    Oh how will Bunnings recover from that……. Oh wait, they didn't get fined, slap on the wrist at most, and told to put up a tiny sign to say they're collecting this data.

    • Who will check the data was not backed-up or transferred elsewhere?

      Or even appropriately deleted, for that matter.

      There are many third party services actively targeting corporates to supply services that provide matches with other 'sources' and to automate the commencement of police investigations and drive the apprehension of any individuals that come up as a positive (false, or otherwise) match.

      Does Bunnings even know who else could have collected it, or how many individuals have had, or even currently, have access?

      Did the Commission even think to ask, let alone verify the answer?

      Especially given that once the data is shared outside Australia, it cannot be regulated or in any practical way controlled.

      Simple things like, "Apart from the Facial Recognition Technology you use within your own perimeter, do you know if data from the cameras could have transferred elsewhere? What controls and metrics have you in place to ascertain the extent of any changes?" The commission only seems to have asked questions about the 'FRT' system itself.

      If Bunnings are like other businesses, their cams and other devices handling CCTV traffic would have been accessible by many more parties than they could imagine- not just their IT staff and contractors.

  • Doesn't Woolies have facial recognition? I swear I read or heard an employee they're releasing it

    • Well there is a camera at every self checkout …. so yes they have this capability. What they are willing to say about this publicly is another discussion

      • They have object recognition on the self serve (and the scale in Fruit & Veg).

  • I better do my hair and make up the next time I go to Bunnings.

  • Wear a hat to beat the face detection. My local casino requires hat removal prior to entry so the cameras can spot banned gamblers. Bunnings won't stop you coming in wearing a hat.

    • Wear a hard hat, makes you even look more legit without being seen.

  • +1

    With so many Degenerates in our community, I'm not surprised big businesses are doing this, you only have to work in retail or a customer facing environment to see the worst that humanity has to offer. With the courts and the police not being hard on theft and crime sadly we are at the stage where we can no longer be anonymous when going about our business. This means to enter any private premises you will need to confirm your identity and this is the solution they will go with. Soon they will start making it a condition of entry. They are already doing this in all sorts of places, like passport control in airports, to license plate capture at the petrol station. There will be 3rd party companies who will maintain large databases for identification matching services.

    • +4

      Several comments seem to think this is targeted at theft, when this kind of data accumulation will be used to target you with tailored pricing etc. designed to maximise profits.

      It is amusing to see people defending stores against some possible shoplifting when the real benefit to the big shops is about squeezing their law abiding customers.

      If you only buy Toyotas because you value their reliability and quality you don't want the car dealer to know that when you are haggling for your next Camry.

      • -3

        Why does theft and loss prevention and customer profiling to maximise profits have to be mutually exclusive. Big business will want to do both, both are real benefits, tackling both of these will optimise their revenue.

        Your car dealer is already doing this. They know when you last purchased a vehicle and with high probability when you are going to purchase your next one.

        You don't think the residential real estate industry doesn't collectively maintain a register or database of low value and high value tenants.

        Now that it's 2024 and big data has arrived, there is no stopping this and there is no way of regulating it unless you allow unfettered administration access to audit the IT systems enabling these capabilities.

        If this technology stops the next machete wielding teenager from terrorising retail staff this is the way it's got to be….and this is why we can't have nice things.

        • +6

          I don’t get the hand wringing, and idea that “well, if it possibly might do something good, its the way it has to be” or the idea that we can’t have regulations that stop surveillance being used disproportionately because somebody already has done it?

          Why can’t we ask for some evidence that the risk of machete wielders is high and that surveillance will stop them? Why can’t we make a regulation that allows audit access in the case of a whistleblower or other investigation?

          Why is it OK for big business to spend millions to take away privacy, but all too hard to regulate them in a way to minimise privacy violations?

          • @mskeggs: Because this requires government agencies to have the resources and expertise to do so, and the technologists are always a step ahead of any regulatory framework that is proposed or enacted.

            Also governments also like the idea of keeping tabs of their citizens whether the motives are nefarious or not. So why not let the private sector do it and use their service offerings because the idea of the government setting up a system to keep tabs on citizens is just politically incongruent.

            What will happen is there will be a token framework set up so say regulation exists but will be ineffective. This is beyond the consciousness of the ordinary citizen so there will be no political will to do this properly, unlike dare I say firearms and gun control, where citizens can contextualise something like this more easily, and one active shooter incident really brings things into focus.

            If the customer facing retailer ie Bunnings or Woolies is not allowed to do this in-house they will subcontract out these services out to third parties to "comply" with the regulations and simply say "We don't collect your data or Personal biometric information"

            • +1

              @H3R34TH4C0MM3NTS: Err, sorry, isn't the point of this thread that the regulation WORKED and Bunnings were caught out?

              You seem to have a conspiracy theory bent, and not understand how laws work. Outsourcing crime is still crime.

              • @foursaken: Regulation hasn't "worked" there is no regulation. It's just the privacy commissioner saying Bunnings have been naughty little boys and bunnings voluntarily saying "oops" we'll delete all our Pr0n now.

                There's no conspirators bent on this, this is all a PR exercise, why did Bunnings release some of the CCTV footage with customers terrorising staff and shoppers with a shotgun. This is to get the public to sympathise with them.

                Outsourcing crime is perfectly legal, just take a look at Transurban and Australian Pacific Airports (who operate Melbourne Airport) robbing citizens every day legally on behalf of the government. If that's not morally criminal, I don't know what is.

            • +3

              @H3R34TH4C0MM3NTS: When I can vote Bunnings out of office, I’ll start giving them central powers. You and I can differ on whether government is effective, but surely you can agree there are things businesses should be restricted from doing?

      • There's no realistic chance they're using such data for marketing.

        People think because they imagined such a scenario could happen, that ergo it must indeed actually be happening. It's not the case.

        If you sign up for a few loyalty cards and actively give these companies your data, you can see just how poorly they "target" their promotions and ads. These companies typically mass-produce the same (non-targeted) advertising for everyone. Everyone gets the same specials, the same flybuys deals, the same promo pamphlets, etc.

        To think that it's some fine tuned, all-seeing, all-powerful machine that takes in data from all angles and watches you in store and calibrates the next move is… over the top.

        This data is not meaningful. They already have sales captured at the register.

        • Yes, how would they be able to unite all this data? Surely they would not be able to tell how long you spend in-store, how much you spent and on what? What use would any of that be? /s

      • +1

        If you actually read details of what they were doing you would see they are NOT collecting any data. What was deemed "collection of data" was them holding the image in memory for 4/1000th of a second while they processed it and then deleted if not one of the violent offenders they were trying to defend against. This was a fantastic example of how businesses SHOULD be able to use facial recognition as it was done in a non privacy invasion way, sadly the luddites ruling on this didn't understand the technology enough.

        • I think the issue is more that they didn’t follow the privacy principles, which doesn’t bode well that when someone in the customer retention team says “since we have this in place, let’s just increase the scope a little”.

          • @mskeggs: I can understand their view though, if I built that I would not consider holding a picture in memory for a fraction of a second as collecting and storing private info, I'd consider it the opposite. The system is designed with privacy in mind with nothing for a customer retention team to use, just the moronic ruling that having it in for a fraction of a second constitutes collection.

            • @gromit: The criticisms in the parts of the judgement I saw in the media were that they didn’t inform people adequately, or seek their consent, they didn’t update their privacy policy, and that they recorded everyone, not just those who might pose a problem (that is, they didn’t consider no surveillance and using other measures).

              The Australian Privacy principles are very weak, and that they didn’t follow these simple things suggests the vibe at Bunnings is one where they decide if something is privacy invasive or not - which is what they have doubled down on in their statement.
              I’m happier with regulation deciding whether something is important, rather than someone in Bunnings ICT team who says “it isn’t surveillance because we only keep it for a fraction of a second, so we can do it in secret.”

              • @mskeggs: The point of recorded EVERYONE, was they considered stored in memory for processing for a fraction of a second storing and collecting. Bunnings have said they are appealing the decision as they rightfully should, it was a really bad call. The only part they got right is bunnings should have clear signs posted. Bunnings obviously didn't think they were recording or storing information on everyone as they weren't, they were immediately deleting, i.e. deleting after a fraction of a second after the images were processed.

  • +6

    If you read the judgement there is no discussion about the legality of facial recognition technology (FRT) and implications for using FRT under privacy law.

    The judgement is that Bunnings did not have sufficient risk/concerns to utilise it. (IE the threat to staff/stock from people who could be identified by the system was insufficient to merit utilising FRT).

    This is something that I'm sure will be challenged, because no one should be put at risk by being at work, and identifying known high risk targets potentially reduces this risk.

    • +2

      There was less crime and road deaths during COVID lock down, does that mean we should all be locked down?
      Since they operated the system, how many incidents were avoided? I note they didn’t mention any figures on this in their statement.
      The criticisms of Bunnings in the reports I have seen relate to using a sledgehammer to crack a walnut - everyone is surveilled, not just those who might deserve to be, and the lack of compliance with privacy principles, like including it in their privacy policy and adequately notifying people.

      The Australian Privacy Principles are very weak. That Bunnings did not follow them in this case is a pretty clear demonstration that they aren’t very good at balancing privacy versus harms of surveillance.

    • It hasn’t been explained to me how this facial recognition tracking benefits the 17 year old girl expected to stand between a junky and his powertools. Is there a bunnings security strike force waiting to be dispatched?

  • -3

    If you want privacy don't go out in public.

  • +1

    I just watched some videos of crazy people that shop at Bunnings. I've never personally seen anything like it, while I have been there. Must go there more often.
