Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks
from the small-privacy-breach-with-larger-repercussions dept
Of all the places to come across illegal facial recognition tech deployment, a convenience store chain is certainly one of the strangest. The tech wasn’t deployed to stop shoplifting or keep unwanted people off the premises. Instead, somewhat ironically, it was deployed to help 7-Eleven convenience stores quantify how well it was doing in the customer service department.
Here’s Campbell Kawn for ZDNet (via Slashdot):
In Australia, the country’s information commissioner has found that 7-Eleven breached customers’ privacy by collecting their sensitive biometric information without adequate notice or consent.
From June 2020 to August 2021, 7-Eleven conducted surveys that required customers to fill out information on tablets with built-in cameras. These tablets, which were installed in 700 stores, captured customers’ facial images at two points during the survey-taking process — when the individual first engaged with the tablet, and after they completed the survey.
After becoming aware of this activity in July last year, the Office of the Australian Information Commissioner (OAIC) commenced an investigation into 7-Eleven’s survey.
The investigation [PDF] says 7-Eleven handled pretty much everything about this badly. It also shows the company tried to distance itself from its own tablet-based survey by blaming the third-party vendor handling the survey on its behalf.
The facial images were collected twice during the survey and stored locally on the tablets for about 20 seconds. After that, they went to the third party’s servers, where they were processed and converted into an algorithmic representation of the face. The original images were then deleted from the device used to perform the survey.
These “representations” were then used to check for matches on other surveys. This was done to detect any potential gaming of the system by individuals repeatedly performing surveys and to make guesses about the age and gender of survey takers. All of that data was deleted after seven days. In total, 1.6 million surveys were performed.
7-Eleven argued this was not a violation of Australian law because the images were not used to identify, track, or monitor respondents. It also said it had no access to facial images on the local device, nor any access to images once they had been moved to the third party servers.
Wrong, says the information commissioner. The problem isn’t how the collected information was handled. The problem is how it was collected. 7-Eleven needed consent from survey takers and didn’t get it. The commissioner found “no evidence” individuals “expressly” agreed to have their biometric information collected by 7-Eleven.
7-Eleven argued it did get at least implied consent. As evidence of this it offered the blanket notice displayed in front of all stores:
Site is under constant video surveillance.
By entering the store you consent to facial recognition cameras capturing and storing your image.
It also pointed to its privacy policy on its website — something survey takers weren’t presented with when taking surveys.
7-Eleven may also collect photographic or biometric information from users of our 7-Eleven App and visitors to our stores, again, where you have provided your consent. 7-Eleven collects and holds such information for the purposes of identity verification.
None of this is sufficient, says the commissioner.
Consent may not be implied if an individual’s consent is ambiguous or there is reasonable doubt about the individual’s intention. While I accept that use of the tablet was voluntary, I am not satisfied that the act of using the tablet unambiguously indicated an individual’s agreement to collect their facial image and faceprint, in circumstances where:
There was no information provided on or in the vicinity of the tablet, or during the process of completing the survey, about the respondent’s collection of facial images and faceprints.
The Store Notices were unclear, and, given the prevalence of these kind of notices in stores and public places, may have created an impression that the respondent captured customers’ images using a facial recognition CCTV camera as part of surveillance of the store.
The respondent’s Privacy Policy did not link the collection of photographic or biometric information to the use of in-store ‘feedback kiosks’.
Non-specific blanket statements about possible collections are not the same thing as informing survey takers prior to taking a survey that their biometric information will definitely be collected if they fill out a survey.
That’s some lawbreaking right there. The company that processed the facial images on behalf of 7-Eleven is ordered to destroy all faceprints collected by this survey. It’s also forbidden from engaging in this sort of thing again without securing explicit permission from clients’ customers. How much of a deterrent this is remains to be seen since the third party already declared all facial recognition data was deleted seven days after it was collected and processed.
The greater benefit of a ruling like this — especially one that deals with information gathered irresponsibly but apparently handled with more care once it was harvested — is the official reminder it sends to all Australian entities that may currently believe a link to a privacy policy buried on the bottom of a corporation’s website home page is all that’s needed to obtain “consent” for collection of personal info.
Filed Under: australia, convenience stores, facial recognition, privacy
Companies: 7-eleven
Comments on “Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks”
"This was done to detect any potential gaming of the system by individuals repeatedly performing surveys and to make guesses about the age and gender of survey takers"
Truly bizarre. I can understand why they want to remove repeat users, but why were people using them in the first place? I’d imagine that they were directed to use them by staff, who would surely be able to recognise if people were coming back regularly enough to skew the survey. Then, I’m sure that there must be some standard statistical methods to account for this with paper surveys that would be applicable here.
Then, having a system try to guess demographics rather than relying on self-reporting? Maybe some people would lie, but surely the vast majority of people will just volunteer that information if they’re already willing to fill in a random survey. There’s no value to them personally by lying, and I’m not sure if the percentage of users who might deliberately lie would be offset by the error rate inherent in guesswork based on facial recognition in its current state, especially among minority populations among whom facial recognition is already highly suspect.
Other than "ooh new toys", I don’t see the value in implementing this, although I can certainly understand why people accepting such tech for security purposes would object to its use for something as trivial as a survey.
"
The greater benefit of a ruling like this — especially one that deals with information gathered irresponsibly but apparently handled with more care once it was harvested — is the official reminder it sends to all Australian entities that may currently believe a link to a privacy policy buried on the bottom of a corporation’s website home page is all that’s needed to obtain "consent" for collection of personal info."
Yeah… if a physical store is doing something that requires you to go online and read a legal document for you to understand what they’re doing while you’re there, that’s incredibly suspect. EULAs are bad enough when you’re accessing a specific website, let alone if you’re expected to understand them in order to pop in and grab a can of Coke on your way somewhere.
And I, in turn, imagine that 7-11 staff are neither part of a hive mind nor permanently on duty. (Though the thought of an Emergency Holographic Cashier ("What is the nature of your purchasing emergency?") amusing.) I’ve no idea how many visits might be required to skew stats, but coming in three times during a week, to each of 10 different 7-11s might be a start.
More, I can’t see why anyone would care enough to skew the survey results. Unless they were a disgruntled former employee.
Re: Re:
"I’ve no idea how many visits might be required to skew stats, but coming in three times during a week, to each of 10 different 7-11s might be a start."
Given that 1.6 million surveys were performed, I’d imagine that if someone was determined to try and skew the results they would be noticed.
"More, I can’t see why anyone would care enough to skew the survey results. Unless they were a disgruntled former employee."
I’d imagine competitor more than that, but I certainly don’t see anything that wouldn’t have been accounted for by pre-facial recognition surveys.
Hey, only the government is allowed to do that!
It is useful to report WHERE these faceprints are, given that "they were destroyed after 7 days"…
And the WHY:
In other words, 7-Eleven didn’t fill in a particular box.
This reeks of the government thinking they are entitled to a monopoly on the sketchy collection of this type of data. Will Australian police and intelligence be alerting people and asking their consent to obtain biometric data too?
I looked it up. You will not be surprised by the answer:
My main concern with 7-11 or any other private business utilizing facial recognition technology is that their database will fall into the government’s hands where the real violations of your privacy/rights will occur.