Do You Know What Happens When You Walk into a Bunnings Store? What About Kmart?

Did you hear about the complaint Choice recently lodged with the Office of the Australian Information Commissioner (OAIC) against some of our biggest retailers? Huge retailers like Bunnings and Kmart are using in-store facial recognition technology. This practice has been described as being akin to them “collecting your DNA and fingerprints” every time you step foot inside their stores.

However, this information isn’t widely known and is not made accessible to consumers. In fact, it’s a closely guarded secret.

Of course, if you ask them, they’ll claim that it’s completely necessary. They’ll likely even make you feel stupid for being concerned. And, of course, they’ll trot out the age old saying “if you have nothing to hide, you have nothing to worry about.” Yet, if we pretend that facial recognition is necessary, then surely consumers need to know what’s happening? This should be common knowledge. So… why isn’t it?

Following the Choice complaint, The Good Guys “paused” their facial recognition trial. However, Kmart and Bunnings have continued with their “unethical” practice.

The Good Guys admit that they had planned to use facial recognition data to track theft and ensure staff and customer safety. Bunnings and Kmart say the same. But what they’re not saying is why consumers weren’t informed or what they’re doing with the data once it’s collected. How is the data being stored? Who is reviewing it? Are they sharing it with third parties? Are they using it to track us and tailor marketing towards us?

Sadly, our laws and policies haven’t kept up with technology. Currently, the OAIC is working to find if these companies have breached the 1988 Privacy Act.

Dr. Dennis Desmond, a Cyber Intelligence lecturer from the University of the Sunshine Coast, is concerned about the “lack of disclosure to the individuals, the retention of data, and how the data is actually going to be used.” In this article in The New Daily, Desmond goes further, claiming that these technologies could be used in a way that affects whether we’re granted loans or health insurance by identifying what organisations can arbitrarily label “risky behaviour.”

There are a multitude of “what ifs” here. Kmart and Bunnings have declined to share either how their data is stored, or if they’re selling it to third parties. Our legitimate questions have not yet been answered.