Latest news with #facialRecognition
The Guardian
5 days ago
- The Guardian
Facial recognition technology needs stricter regulation
The Metropolitan police's recognition of the value in 'some sort of framework or statutory guidance' for live facial recognition is welcome (Live facial recognition cameras may become 'commonplace' as police use soars, 24 May). However, it is not just police use of this technology that needs a clear legal framework. Despite the scale and speed of its expansion, there is still no specific law providing a basis for live facial recognition or other emerging biometric technologies, whether these are used in the public or private sector. Biometric surveillance is expanding rapidly, not just in policing but across society: in train stations, schools and supermarkets. Newer biometric systems go further, claiming to infer people's emotional states, raising serious concerns about their accuracy, ethics and legality. In 2020, the court of appeal – in the UK's only judgment on live facial recognition to date – found a deployment by South Wales police was unlawful. It identified deficiencies in the legal framework and set out minimum standards for lawful use. Since then, a patchwork of voluntary guidance has emerged. New research from the Ada Lovelace Institute has found this patchwork is inadequate in practice, creating legal uncertainty, putting fundamental rights at risk and undermining public trust. Crucially, we find that non-police uses, such as those in the private sector or involving inference, are subject to even fewer safeguards and so stand on far shakier legal ground. Governance is simply not keeping up with technological adoption and advancement. Policymakers must act. We urgently need new legislation to establish a comprehensive framework covering all forms of biometric surveillance and inference – not just police use – and an independent regulator to oversee and enforce BirtwistleAssociate director, the Ada Lovelace Institute
RNZ News
15-06-2025
- Business
- RNZ News
Facial recognition technology supported by big name retailers
Large retailers support having facial recognition technology in their stores. Photo: RNZ The heads of a dozen of the largest retailers and telcos in the country have come out in strong support of using facial recognition technology in their stores. This follows the Privacy Commissioner giving what he called a "cautious tick" to a trial in New World and Pak'nSave supermarkets. "The undersigned major New Zealand retailers strongly support the use of fair and accurate technology to protect our workers and customers," said a statement at industry group Retail NZ's website . Without saying when they might start using it, they stated they would work now to develop "best practice". "We recognise that technology must be used in a fair and accurate way." The letter was signed by the heads of Briscoes and Rebel Sport, Bunnings and Mitre 10, Michael Hill Jewellers, Farmers and The Warehouse, the two Foodstuffs supermarket groups in the two islands as well as rival Woolworths, and telcos One NZ and Spark. Privacy Commissioner Michael Webster had said his report was "not a green light for more general use of FRT" (facial recognition technology). "However, we recognise the importance of the issue for many businesses." The trial let other businesses ask themselves the right questions about whether to use FRT and in what ways to protect privacy, Webster said. There were significant caveats. "While the percentage of misidentifications may be small, rolling FRT out at scale would mean that large numbers of people would be misidentified." Foodstuffs North Island's own research suggested 900 shoppers a year could be misidentified in its stores alone. The commissioner suggested raising the algorithm accuracy from 90 percent to 92.5 percent, among other measures. A Māori Reference Panel set up at the end of 2024 told the commissioner it opposed FRT's use in supermarkets. This was "given the vital role of supermarkets in providing access to food, the current supermarket duopoly which means there are limited alternative options for people who are barred from entry, and the concern that the whole population of Aotearoa will be subjected to surveillance in supermarkets in order to reduce instances of harmful behaviour by a small minority of customers". Retail NZ's Carolyn Young said for someone to be on the watchlist, they had to have offended and/or been abusive and/or aggressive in store and trespassed. If someone was trespassed from a retail environment, they currently are not able to return to that store for two years. "What we know in retail is that recidivous offending is very high - between 35-50 percent (depending on the sector) of offending is done by recidivous offending. "So we know that even though someone has been trespassed, they continue to come back into store," Young said. "FRT will enable stores to identify these individuals as they enter store to ensure that the store is safe for staff and customers. "FRT does not enable customers to be monitored. It takes an image of people as they enter the store and if they are not on the watchlist, then they are deleted immediately. "FRT does not provide ongoing monitoring throughout the store, just one photo/image as someone enters." Facial recognition technology does not monitor shoppers. Photo: 123RF The big-store signatories said they acknowledged the commissioner's oversight, and Foodstuffs for leading the way with its trial. "The use of FRT in the right settings with the right controls will provide positive benefits and outcomes for customers, retailers and workers, while not impeding on the privacy of New Zealanders. "The vast majority of customers will be able to go about their business as usual and will in fact be safer in those stores where FRT is used," the Retail NZ statement said. Webster also stressed it would be "highly desirable" to do training of the FRT algorithms on New Zealanders' faces, by consent, to cut down the risk of bias and inaccuracy. Very limited such testing by the Department of Internal Affairs last year found the imported tech it is currently using was accurate. Many multiple FRT systems are on offer that return different rates of accuracy in independent tests by the US-based benchmarking agency. In Australia, Bunnings had been in a legal fight with a watchdog that asserted its facial recognition there impinged on people's privacy. Reports of the tech being used at supermarkets in an isolated way in New Zealand date back to at least 2018. Researchers foresaw the tech spread in 2021. "Private sector use of FRT-enabled surveillance is likely to increase, particularly in the retail sector, especially as these services come 'baked-in' to vendor offerings," their landmark report for police said. That contributed to police deciding not to use FRT on live camera feeds , a constraint they say they have stuck with till now. In Britain, the tech's spread, for example in airports and shopping centres, prompted the government's biometrics ethics group in 2021 to recommend oversight by an independent ethics group including of collaborative FRT use between retail and police. Young said Britain was a long way ahead of New Zealand in terms of the implementation of FRT and had used CCTV actively in the community for many years. Here, the Office of the Privacy Commissioner (OPC) would carry out the role of oversight, she said. "It may be in the future that there is a need for another regulatory body to do this work, but while we are in our infancy of implementation and the OPC has been very clear about how it is to be rolled out, we believe that the parameters for implementation are very clear." The Privacy Commissioner's report does not contain a similar recommendation. It mentioned Foodstuffs auditing how it compiled watchlists of people for the camera-software to look out for, but not that this should be independent. The signed Retail NZ statement did not mention independent overview. Australia's privacy regulator signalled in March it would be proactive in regulating biometric information . Biometrics include face, fingerprint and iris - unique identifiers of who a person is. The Office of the Australian Information Commissioner - it had taken on Bunnings, which was appealing - put this in a wider frame: "Our research told us that more than a quarter of Australians feel that facial recognition technology is one of the biggest privacy risks faced today, and only three percent of Australians think it's fair and reasonable for retailers to require their biometric information when accessing their services". "Thinking about what the law permits, but also what the community would expect" was critical. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
Irish Times
12-06-2025
- Irish Times
Department of Social Protection fined €550,000 over facial scans
The Department of Social Protection has been fined €550,000 after data protection watchdogs found 'a number of deficiencies' in its compliance with European data privacy rules concerning the use of facial scans in issuing Public Services Cards. The Department was also ordered to come up with a valid lawful basis for the use of facial scans and facial matching software for the registration of Public Services Cards within nine months, or it must stop using it. The decision is the result of an inquiry that the Data Protection Commission commenced in July 2021, examining the department's processing of biometric facial templates and the use of facial matching technologies as part of the registration process for the Public Services Card. The department uses Safe 2 registration to verify identity when accessing public services. The process involves a photo of the applicant, which is then run through software to check against images used in other Safe 2 registrations. This is designed to prevent duplicate registrations. READ MORE The registration is mandatory for applying for a Public Services Card, of which 3.2 million are in existence, and is necessary for certain services, including welfare payments. [ 'No legal basis' for photo database created using Public Services Card Opens in new window ] However, that means there is ongoing collection, storage and processing of sensitive personal data on a large scale by the DSP, which requires precise legal justification, the DPC said. The inquiry looked at whether the DSP had a lawful basis for collecting biometric data for conducting facial matching as part of Safe 2 registration, if it could retain that data, if it complied with transparency obligations, and if it had carried out an adequate Data Protection Impact Assessment. The DPC found the department had infringed data protection regulations on a number of fronts. In its decision, the regulator said it failed to identify a valid lawful basis for the collection of biometric data for Safe 2 registration at the time of the inquiry. As a result, it also infringed GDPR by retaining biometric data collected as part of Safe 2 registration. The DPC also penalised the department for infringing its obligations on transparency, and for failing include certain details in the Data Protection Impact Assessment that it carried out. The DPC said it had reprimanded the Department of Social Protection and issued the administrative fines. The department must also stop biometric data in connection with Safe 2 registration within nine months of this decision, if it cannot identify a valid lawful basis for the data collection. 'It is important to note that none of the findings of infringement identified, nor the corrective powers exercised by the DPC, pertain to the roll-out of Safe 2 registration by the DSP as a matter of principle. The DPC did not find any evidence of inadequate technical and organisational security measures deployed by the DSP in connection with Safe 2 registration in the context of this inquiry,' said deputy commissioner Graham Doyle. 'This inquiry was concerned with assessing whether the legislative framework presently in place for Safe 2 registration complies with the requirements of data protection law and whether the DSP operates Safe 2 registration in a data protection-compliant manner, and the findings announced today identify a number of deficiencies in this regard.' A previous inquiry into the processing of personal data in connection with the issuing of Public Services Cards was concluded in 2019, with the department initially appealing the DPC's decision before withdrawing the action and coming to an agreement with the watchdog.
Forbes
10-06-2025
- Politics
- Forbes
The Wiretap: Facial Recognition, Amazon Ring, And Surveillance Of The LA Protests
The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here. The protests in LA are being captured by all manner of surveillance devices. But federal and local police have different restrictions on what they can do with the footage (Photo by) 'I have all of you on camera. I'm going to come to your house.' Those were the words coming from an LAPD officer in a helicopter over LA protestors, according to the LA Times. The implicit threat, according to some privacy advocates, was that the cops would use facial recognition software to identify and locate those protesting Immigration and Customs Enforcement (ICE) raids. It's not quite so easy to do that, though. A source close to the agency, who was not authorized to talk on record, told Forbes that LAPD will be going through camera footage - whether shot from a helicopter, surveillance cams or bodycams - and try to identify people. However, the LAPD can only search for matches from police-owned arrest records, namely, mugshots. Its own rules don't allow it to search for matches across other sources, such as social media. Federal agents, however, don't have the same restrictions. Any federal agent using Clearview or an alternative can take the same footage and run facial images to find matches across photos scraped from social sites. One of Clearview's best-known federal customers is ICE, which typically uses it in child exploitation cases. It's unclear how often the agency uses it for immigration enforcement. Neither ICE nor the LAPD had responded to requests for comment at the time of publication. Law enforcement has another potential source for protest footage: video from Amazon Ring cameras or its competitors. Though Amazon has stopped cops requesting information directly over the Ring Neighbours social platform, federal and local cops can demand data recorded by those devices with a court order. The video could then be used to identify protestors. While the source close to LAPD said they weren't aware of any specific uses of Ring around this week's events, they said it's certainly a capability that exists. Meanwhile, concerned citizens have also been using Neighbors to share footage of ICE raids and agents in the L.A. area, either to warn about them or to celebrate the actions. In footage from Monday, identified by a Forbes' reporter, a Ring user shared footage they claimed showed ICE targeting laborers at a local Home Depot. Another warned about ICE agents at a mall and a Costco. Amazon Ring didn't comment on record, though a spokesperson pointed Forbes to guidelines that prohibit users posting on 'topics that cause inevitable frictions like politics and election information,' as well as 'highly debated social issues.' Its moderators might be busier than normal this week. Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964. DOGE pre-Elon Musk's departure and break up with President Trump. (Photo by) The Supreme Court has given a green light to the Department of Government Efficiency to access Social Security Administration data. The decision came after the Trump administration had filed an emergency application to lift an injunction from a federal judge in Maryland. In its decision, the Supreme Court said DOGE staff needed the access to do their job. While the White House cheered the decision as a victory for fighting fraud and waste in federal agencies, opponents said the ruling 'will enable President Trump and DOGE's affiliates to steal Americans' private and personal data.' A cyber researcher found a way to identify phone numbers linked to any Google account. Google has since fixed the issue, which may have exposed users to SIM swapping scams. The DOJ has launched an offensive on the dark web marketplace BidenCash, where users buy and sell stolen credit card and personal information. The agency has taken down 145 domains across both the standard web and the darknet associated with the bazaar. The service has so far generated over $17 million in revenue, according to Justice officials. A man who controls much of the infrastructure that underpins Telegram also controls other companies with links to Russian intelligence agency FSB, according to an investigation by the Organized Crimes and Corruption Reporting Project's Russian partner, Important Stories. Telegram has not responded to the allegations. The Guardian has launched a new way to tip its reporters securely with an app simply called 'Secure Messaging.' It sounds pretty neat: 'The technology behind Secure Messaging conceals the fact that messaging is taking place at all by making the communication indistinguishable from other data sent to and from the app by our millions of regular users. By using the Guardian app, other users are effectively providing 'cover' and helping us to protect sources.' President Trump has been unsurprisingly careless with his personal iPhone, taking calls from numbers he doesn't recognize. That's despite repeatedly being warned about the heightened risks of foreign surveillance and interception that come with using a device with a 'broadly circulated number,' according to a report in The Atlantic.
The Guardian
06-06-2025
- Business
- The Guardian
Shopper put on Facewatch watchlist after dispute over 39p of paracetamol
A London woman has made a data complaint after discovering she had been put on a facial recognition camera watchlist at a Home Bargains store after a dispute over 39p worth of paracetamol. She learned of her entry on a database of banned customers when a member of staff at the store in Grove Farm retail park, in Chadwell Heath, asked her to leave and directed her attention to a Facewatch sign. Facewatch is a facial recognition system used by retailers to identify and deter shoplifters by analysing CCTV footage and comparing faces to a private database of known offenders. It triggers an alert to staff when a match is made by the software. Stores including Asda, Budgens, Sports Direct and Costcutter have used the technology, despite privacy campaigners arguing that the surveillance infringes the rights of shoppers. The 62-year-old woman, who has lost the confidence to go shopping on her own since the incident, according to her family, has made a complaint to the Information Commissioner's Office on the grounds that the Data Protection Act requires there to be a 'substantial public interest' for the processing of biometric data to be lawful. 'She's really struggling because even to go into Tesco she gets really stressed thinking 'or am I allowed? Would they kick me out?',' her daughter said. The woman from Romford, who has asked not to be named, had first visited the Home Bargains store with her daughter on 25 April to buy some products for an upcoming wedding. She picked up two packets of paracetamol and asked her daughter to pay for them while she went on ahead to Lidl next door. 'Mum has got this habit. She's got a few illnesses, but every time she goes to a shop she always buys paracetamol,' her daughter said. 'We always laugh at her that 'you are always stocking up'.' According to the complaint to the ICO, as she went to the exit 'she was accused by staff of theft, had her bag searched, and her own personal paracetamol (which she carries regularly) was confiscated'. She denied taking the paracetamol but was in a rush and so 'left the shop and she thought nothing of it', her daughter said. She had no idea that her name had been added to the watchlist until she returned with her two sons and daughter-in-law to the shop on 30 May to buy some snail repellent. She was allegedly asked to leave by a member of staff, whose offer of explanation was to point her to a Facewatch sign that was initially covered up. She 'later discovered that, based solely on this disputed and minor allegation, Home Bargains had added her biometric data to a Facewatch watchlist', it is claimed. The complaint goes on: 'To be clear: [she] did not steal the paracetamol during the first visit. The allegations by Home Bargains are false. However, even taking Home Bargains' allegations at face value, their – and Facewatch's – biometric processing was clearly not in the substantial public interest. 'The watchlist entry was created and acted upon in order to apprehend someone supposedly guilty of (on one occasion) stealing goods valued at less than £1. It is scarcely possible to imagine a less serious 'offender'.' The ICO separately investigated Facewatch in 2023 and asked for a series of changes. According to the new complaint, that investigation 'resulted in Facewatch being required to focus on 'repeat offenders or individuals committing significant offences''. Alex Lawrence-Archer, a solicitor at the data rights firm AWO, who is acting for the woman, said: 'This case shows that people can be added to the biometric watchlist for the most minor suspected offence, without being properly informed, and without having the chance to tell their side of the story.' Madeleine Stone, a senior advocacy officer at Big Brother Watch, which is supporting the woman, said there was no 'due process' to the addition of names to watchlists at retailers. She said: 'The government must urgently step in and stop retailers from subjecting shoppers to this Orwellian and discriminatory technology.' A Facewatch spokesperson said: 'Facewatch exists to help retailers prevent crime and protect their employees in a way that is lawful, proportionate and respectful of individual rights at a time when shoplifting in England and Wales has reached a record 516,971 offences, and incidents of violence and abuse against retail workers have surged to more than 2,000 per day. 'It would be inappropriate to comment on this matter while a legal process remains ongoing and, notwithstanding that, Facewatch would not be able to disclose personal data about an individual or the facts of any individual case. Facewatch is committed to transparency, accuracy, and upholding the highest standards of data protection and public reassurance and our technology and processes remain fully compliant with UK data protection legislation and latest regulatory guidance.' A spokesperson for TJ Morris, the owner of Home Bargains, declined a request for comment.
