Face-off: why firms may want to hit pause on facial recognition tech

Last week, Massachusetts town Brookline became the latest local authority in the US to come out against the use of facial recognition technology to track citizens. These concerns have been matched by rights groups petitioning the federal government over the summer. But what about the use of technology for private businesses?

Although there may be employee safety, data security and even marketing benefits to using the emerging tech, there are also growing privacy and regulatory concerns that make it a risky play. Even if you’re an early adopter of new technology, it might be best to see how this one plays out before investing in facial recognition.

What is facial recognition?

At a very basic level, facial recognition technology systems capture, analyze and then attempt to match images of human faces. The secret sauce is in the software that does this, often using machine learning algorithms to improve detection rates. The most common types are found in many smartphones which now use facial recognition so that users can unlock their device without being forced to type in a passcode or scan a fingerprint.

But more controversially, these systems are often hidden away, monitoring users covertly from afar for ostensibly public safety and law enforcement reasons. The US Department of Homeland Security wants to use facial recognition on 97% of departing travelers by 2023 to check for those overstaying their visas, for example.

How can facial recognition benefit my business?

Despite these controversies, the technology could have some useful benefits for organizations, as long as users give their full informed consent and biometric data is kept secure. With facial recognition, firms could:

• Streamline physical security and health and safety processes

For example, facial recognition could unlock doors for staff, and provide HR teams with a real-time list of employees in the building, in the event of an emergency evacuation

• Improve cybersecurity and reduce the risk of data breaches

If all staff need to log-in to enterprise systems is their face, then organizations can ditch passwords. No passwords mean hackers have no way to steal log-ins and force their way remotely into enterprise IT systems

• Monitor premises for potential criminal activity

Biometric databases could be used by businesses like retailers to monitor for prolific shoplifters and other criminal activity

• Create a first-class customer shopping experience

Amazon is already trialing systems that will recognize customers and the items they put into their bags as they walk around its store. Customers can then leave without needing to pay at a physical till – they’ll simply be billed online. Shoppers could also be tracked by retailers as they move around a store to help tweak and improve the customer experience, and maximize potential sales.

Why are people mad about facial recognition?

It’s not hard to see the biggest problem with technology. When users are monitored without their knowledge, even if it is for reasons of public safety, there are understandably major privacy concerns. At the moment, these focus around the lack of safeguards or oversight of such implementations.

It was revealed in 2017 that the FBI’s facial recognition databases are filled with images on around half of all Americans, with most photos taken from non-criminal sources like driver’s licenses and passports. Even worse, the algorithms used to identify matches are said to be inaccurate about 15% of the time and are more likely to wrongly identify black people. A report into the use of facial recognition tech by London’s Metropolitan Police Service last year found false positives at a rate of 98%.

Detractors also argue that the tech is in itself a hacking risk, if cyber-criminals get hold of large databases storing the images, and use them to unlock user accounts. A major data leak occurred in the UK in August, exposing fingerprints of over one million people, plus facial recognition information.

What happens next?

The pressure is mounting on governments in democracies around the world to explain themselves over the use of facial recognition technology. Rights groups in the US see what is happening in China, where intrusive state surveillance is being tied to a repressive social credit scoring system – and they want official safeguards in place. Along with several Massachusetts authorities, San Francisco and other cities have banned or are in the process of banning the tech.

In Sweden, a school has been fined under Europe’s new GDPR laws for using the tech to monitor student attendance, while in London, a Kings Cross developer is being investigated over a lack of transparency in monitoring the public.

Current US privacy laws aren’t as rigorous as the GDPR, but there are signs that they could soon be overhauled in line with those in Europe. As with any emerging tech, society needs to work out what it is comfortable with, and design in safeguards if necessary. In the meantime, even the most enthusiastic corporate adopters of emerging technology would be advised to hit pause on any plans involving facial recognition.

As it stands, there are too many cons and not enough pros to make the time, effort and expense worthwhile.