On 19 November 2024, the Office of the Australian Information Commissioner (OAIC) released guidance on assessing the privacy risks in facial recognition. The guidance sets out general considerations for private sector organisations considering using facial recognition technology (FRT) to undertake facial identification in a commercial or retail setting.
The release of the guidance was on the same day as Australian Privacy Commissioner, Carly Kind, found that Bunnings Group Limited breached Australians’ privacy by collecting their personal and sensitive information through a facial recognition technology system. The system, via CCTV, captured the faces of every person who entered 63 Bunnings stores in Victoria and New South Wales between November 2018 and November 2021. Commissioner Kind said, ‘We acknowledge the potential for facial recognition technology to help protect against serious issues, such as crime and violent behaviour. However, any possible benefits need to be weighed against the impact on privacy rights, as well as our collective values as a society.’