The FTC released a document on October 22, 2012 calling for the protection of privacy by those who develop and use facial recognition technology. Many of the suggestions involve obtaining “affirmative express consent” before using identity information.
The document does not directly address the use of facial recognition in security, but the recommendations appear to be at odds with some of the likely applications – especially the use of shared shoplifter databases.
“To begin, staff recommends that companies using facial recognition technologies design
their services with privacy in mind, that is, by implementing ‘privacy by design,’”
“For example, companies using digital signs capable of demographic detection – which often
look no different than digital signs that do not contain cameras – should provide clear notice to
consumers that the technologies are in use, before consumers come into contact with the signs.”
“Perhaps of most concern, panelists surmised that advances in facial recognition
technologies may end the ability of individuals to remain anonymous in public places.32 For
example, a mobile app that could, in real-time, identify anonymous individuals on the street or
in a bar could cause serious privacy and physical safety concerns, although such an app might
have benefits for some consumers. Further, companies could match images collected by digital
signs with other information to identify customers by name and target highly-personalized ads
to them based on past purchases, or other personal information available about them online.33
Social networks could identify non-users of the site – including children – to existing users, by
comparing uploaded images against a database of identified photos. Although staff is not aware
of companies currently using data in these ways, if they begin to do so, there would be significant
Also, a document cited in the report that details digital signage best practices can be found here.