Privacy breach: 7-Eleven uses facial recognition to collect customers’ information

Computer forensics specialists report that 7-Eleven convenience store chain is implementing facial recognition technology at its 700 stores located in Australia as part of a new feedback program. The company states that this information will not be used for any other purpose.

Some customers report that the company has already placed some ads very unclear regarding this technology at the entrance of some stores: “This site is under constant video surveillance. By entering the store, you agree that facial recognition cameras capture and store your image,” the sign mentions.

In this regard, a spokesperson for 7-Eleven Australia assured that this technology was implemented to operate with Rate It, a user experience assessment tool, linked to an electronic tablet placed in each of its stores.   According to computer forensics experts, 7-Eleven has been employing other variants of facial recognition technology in other markets for some time (Thailand, for example), although this technology had not been implemented on the oceanic continent.

On subsequent occasions, the company’s representative was also very emphatic about the use of this technology: “Facial recognition at Rate It ensures that the feedback is accurate and valid; our customers are the most important thing for us and we do not want this system to be used to their detriment.”

Broadly speaking, this system works like this: Customers activate the tablet and record their feedback regarding their in-store experience. The camera is only activated if the user so desires, so if a user does not use the Rate It system, their image will not be recorded.

Subsequently, the information captured on the tablet is converted into an algorithmic representation of the user’s image; the company states that the faces of its customers are not exposed at any time during this process. Finally, such algorithmic representation is stored in the Rate It system for seven days to perform the feedback; once this deadline has been met, registration is permanently deleted. According to computer forensics experts, this software is intended so that the company does not have access to the encrypted data.

In announcing the launch of Rate It, the company mentioned that this system would replace a manual customer feedback form in the store, making it easier for users to submit their complaints, doubts and suggestions to the company.

Although this kind of technology is becoming more common, specialists fear that its use will become a new security threat to users. According to the International Institute of Cyber Security (IICS), companies such as Google have shown their intention to discontinue such projects at least until there is clear legislation that brings users’ security first.