You’ve probably heard of facial recognition technology (FRT). Many of you probably even use it. I do.
My smartphone needs to recognise my face before it lets me use it. It’s not a bad security measure. If my phone is stolen, no-one else will be able to use it, unless they’re unfortunate enough to share my ugly mug.
As useful as it can be, what are the long-term implications of FRT? Who is behind the camera and can the information be exploited for nefarious purposes?
I must admit, there are times these days when I think it could prove very useful, depending on its ability. For instance, as I get older, I’m finding myself at more and more funerals.
This will often entail catching up with people I may not have seen for years. If the funeral is for an old school friend, it could even be decades.
Those decades can make quite a difference to a face. Some sort of FRT that could identify old friends based on how they looked in HSC would be very helpful!
For now, at the funerals I attend, I use my own inbuilt facial recognition technology. It’s based on simple mathematical formulae.
If I’m looking at man I think I may have once known, I add hair and subtract wrinkles (and possibly weight). For women, the equation is similar, although it usually entails adding hair colour, rather than hair.
But seriously …
Indeed, the use of actual facial recognition technology does have implications, particularly around the issue of privacy.
You might not know it, but many big concert venues and sporting events around Australia now use FRT. If you don’t know it’s being deployed, you’re hardly likely to have consented to its use. Where does that leave concert goers and sporting fans legally?
The conundrum has been taken up by Australian consumer advocate, CHOICE.
CHOICE’s consumer data advocate, Kate Bower, highlights just how little most of us know.
“I think one of the main problems from a consumer’s perspective is that they don’t know when facial recognition is being used,” she says.
“And then when they are told that it is being used, it’s very deep in some conditions of entry or privacy policy. They often don’t find out about it until after they’ve already bought a ticket.
“Even when they do find out, they have no idea what it’s being used for. They’ve got no idea how long their information is stored, how securely it’s stored. The consumers don’t really have a choice.”
Ms Bower’s observations do appear to be a cause for concern.
Who is using facial recognition technology?
Two of Australia’s largest venues, the Melbourne Cricket Ground (MCG) and the Sydney Cricket Ground (SCG), use facial recognition technology. Once you enter the MCG, you have legally agreed to the stadium’s use of your biometric information.
It’s all laid out in the MCG’s conditions of entry: “Patrons consent to the collection of biometric information for what is reasonably necessary for … the MCG’s functions or activities.”
“Reasonably necessary” – now there’s a fine example of legal jargon.
Does it really matter what these organisations are using our faces for? Probably not to most of us, but there are possible risks to consider.
Lauren Perry, from the UTS Human Technology Institute, makes a salient point. “We’re talking here about semi-public places where [there are] community members, including a lot of children,” she said.
Ms Perry says that venues using facial recognition technology as a default is concerning and shows the industry can’t be trusted to regulate itself.
Alas, recent history tells us that the law tends to lag behind when it comes to technological progress. So, for now at least, FRT is something most of us are simply going to have to … face up to.
Were you aware that stadiums such as the MCG and SCG already use facial recognition technology? Does this concern you? Let us know in the comments section below.
Also read: Should DNA kits come with warnings?
The excuse that legislation follows technology is really not good enough in this case. We already know the criminal exploitation surrounding our personal digital data so it should not take too much imagination to see the possible downsides of facial recognition data exploitation. We have seen plenty of cat-fishing examples of stealing people’s images.
A good starting point would be the requirement for prominent signage before entering any places where FRT is used. There should be a stated purpose for collecting the data and it should be used only for that purpose and unless there is a specific reason all FRT data should be deleted and not retained beyond 14 days from collection. FRT data should not be shared or disclosed to any other party except for law enforcement purposes.
This and experience from other data exploitation should be enough to get some rules and protection in place before it’s too late.