A
What happened
The Australian Information Commissioner has determined that Kmart breached privacy regulations by employing facial recognition technology to gather personal data from customers in 28 stores between June 2020 and July 2022. This system aimed to prevent refund fraud but was criticized for being disproportionate and ineffective. Kmart's spokesperson expressed disappointment with the ruling and indicated plans to appeal, citing rising theft and violence as justification for the technology's use. However, the Privacy Commissioner emphasized that the collection of biometric data without consent violated privacy rights, as customers were not informed of the data collection process. The ruling underscores the need for transparency and express consent in handling sensitive information, particularly as surveillance technologies become more prevalent in retail environments.
★
Key insights
-
1
Privacy Breach: Kmart's use of facial recognition technology violated privacy laws.
-
2
Ineffective Fraud Prevention: The technology was found to be ineffective in preventing refund fraud.
-
3
Lack of Consent: Customers were not informed or asked for consent regarding data collection.
-
4
Appeal Planned: Kmart plans to appeal the decision, citing safety concerns.
Takeaways
The ruling highlights the critical need for privacy protections in the use of surveillance technologies.