An investigation by Australia’s privacy commissioner found Bunnings used CCTV cameras to capture the face of every person who entered 63 stores in Victoria and NSW between November 2018 and November 2021, collecting sensitive information without customer consent.
Privacy commissioner Carly Kind said Bunnings had failed to comply with the Privacy Act, and ordered the company to not repeat or continue the practices, and destroy all the information collected via the facial recognition system. The company was not fined.
An investigation by Australia’s privacy commissioner found Bunnings used CCTV cameras to capture the face of every person who entered 63 stores in Victoria and NSW between November 2018 and November 2021.Credit: Louie Douvis
Kind said Bunnings had been co-operative throughout the investigation and paused its use of facial recognition technology pending the outcome.
“Individuals who entered the relevant Bunnings stores at the time would not have been aware that facial recognition technology was in use and especially that their sensitive information was being collected, even if briefly,” she said.
“Facial recognition technology, and the surveillance it enables, has emerged as one of the most ethically challenging new technologies in recent years.”
Loading
The Privacy Act classes facial images and other biometric information as sensitive information, Kind says, giving it a high level of privacy protection, including that consent is generally required for it to be collected.
“We acknowledge the potential for facial recognition technology to help protect against serious issues, such as crime and violent behaviour. However, any possible benefits need to be weighed against the impact on privacy rights, as well as our collective values as a society.
“In this instance, deploying facial recognition technology was the most intrusive option, disproportionately interfering with the privacy of everyone who entered its stores, not just high-risk individuals.”
Lisa Asher, a retail expert from the University of Sydney Business School, has recently completed a large research report on Bunnings’ business practices and use of technology.
She said that facial recognition technology had been widely implemented in many large-format stores including supermarkets and Bunnings.
“We are told this is because of a high level of theft occurring in these stores. They also claim [the financial recognition technology] is for staff safety,” she told this masthead.
“We are seeing technology outpace privacy laws, and we have an opportunity to re-examine the laws in the context of data privacy. A review of data privacy laws considering these technologies should take place to ensure that consumers are protected, and that data adheres to strict standards.”
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.