The canary in the coal mine has officially dropped dead, as public opinion around facial recognition software has turned toxic.
In this case, the proverbial songbird is Facebook (now Meta), who announced that they’d be shutting down their decade-old auto image-tagging feature this November and deleting the facial scan data of more than a billion users.
The facial recognition software automatically identified people in uploaded photos and would suggest users “tag” them, connecting their accounts with the image. Over the last several years this feature has led to government investigations, a class action lawsuit and untold regulatory trouble.
Facebook said it wouldn’t discard the facial recognition algorithm, called DeepFace, and hasn’t ruled out using this technology in future products. However, going forward the company has committed to designing products that collect as little personal data as possible and as part of an FTC settlement, promised to give “clear and conspicuous” notice before using facial recognition on users’ digital media.
“This news story has generated a lot of talk amongst the general public,” said Bollman Blanco, P.Eng. and Lead Engineer at SmartONE. “The very act of Facebook ending their use of facial recognition technology points to the privacy and regulatory issues surrounding this technology. People are becoming more concerned with maintaining their privacy and don’t want to occupy digital or physical spaces where their privacy can be compromised, especially with the increasing cases of digital identity theft and fraud.”
When users have control over how their data is used and facial recognition is contained in a device, the technology is perceived as safe and convenient. But when it’s used by the state for mass surveillance, like what’s happening in the UK and China, people rightly become concerned.
“Going that far scares people and they see it as very invasive tech. The risks associated with larger-scale use are pretty high, considering how widespread the technology is and who could get access to the data,” Blanco explained.
Current Canadian laws
In Canada, it’s currently legal to collect and share facial images for identification purposes without consent.
“Canada also lacks clear guidelines and consent mechanisms for how our facial information, which is highly sensitive and vulnerable to misuse, can or should be used,” two top researchers wrote in an Ottawa Citizen opinion piece.
This opinion is shared by Gregory Smolynec, deputy commissioner for policy and promotion in the Office of the Privacy Commissioner (OPC) of Canada.
He told the CBC in a recent interview that Canada’s privacy laws are “woefully out of date” to protect people from the potential harms of technology like facial recognition and artificial intelligence.
“Our private sector law is now over 20 years old, so it was passed and conceived of before social media such as Facebook, [which] was only founded in 2004,” Smolynec explained.
In addition to encouraging all levels of government to update their laws, the OPC wants policymakers to consider making privacy a human right, amid fears over civil rights violations, racial bias, and invasion of privacy.
SmartONE and Facial Recognition Technology
While facial recognition technology embedded in select hardware is available to our customers, we actively recommend against its use until Canadian laws and use guidelines have been updated and brought in line with global standards. This is to protect both the privacy of residents and to reduce the risk of difficulties later on for builders and property managers.
When looking at smart tech, the primary application of facial recognition in residential buildings would be to help streamline building access in lobbies and entryways. An upgraded biometric lobby phone with facial recognition capabilities has been available since 2017, but must be specially specced and installed in order to use this technology.
“We build our systems to last for 30 to 40 years. Smart tech providers and real estate developers need to make the responsible decision about facial recognition use for the long term,” Blanco said. If Canada follows the EU and US’ direction, he estimates that our laws will become much more stringent within the next five years.
Risks to Developers’ Brands
If you’re found running afoul of the laws, or experience a data breach, you face the following risks, which could impact your brand.
1. Expensive system retrofits to comply with new regulations
If facial recognition is banned in public spaces, you’ll be forced to remove all facial recognition technology on the public area cameras, like lobbies and common areas.
2. Lost sales
Some companies are investing in features like facial recognition simply because of its novelty without evaluating if the benefit from the application outweighs the ethical and technical risks.
During the pandemic, technology has experienced the largest trust drop across all sectors, according to an annual global survey. Of the top four fears, 68% of respondents were concerned about hackers and cyber-attacks, while 61% were worried about losing their freedoms. Buyers may decide not to purchase a home outfitted with what they consider to be unnecessary, invasive technology that they cannot opt-out of, losing you sales.
3. Lawsuits and privacy probes
The Canadian Office of the Privacy Commission has investigated several private companies for misusing facial recognition technology. Facebook has also paid a steep financial penalty over the last few years – the Federal Trade Commission fined Facebook a record $5 billion to settle privacy complaints in 2019, in addition to paying another $650 million to settle a class-action lawsuit in Illinois last year.
4. Lost investment
Investors are now paying attention to how companies are using this technology. In June, a group of 50 investors managing $4.5 trillion in assets announced they would be working with companies developing or using facial recognition technology over the next two years to ensure it is used ethically. It appears that this could become an investment criterion, evolving in a similar manner to ESG criteria.
5. Bad PR
A Canadian property management firm received a lot of bad publicity after privacy regulators ruled in 2020 that they contravened federal and provincial privacy laws by embedding cameras inside directories at 12 shopping malls that were used to capture shoppers’ demographic data without consent.
Still offering the same functionality
To help protect our clients, we have been working diligently to help accomplish the same goal – allowing smooth, hassle-free building access while maintaining security – without employing facial recognition technology. We offer multiple options to residents:
- fob, containing no biometric data
- mobile app, which allows us to authenticate users using their phone password, so we don’t have to ask for additional private or biometrics data
- Fingerprints (optional upgrade), which are very well regulated in Canada and most importantly, are stored locally in the door lock itself and not sent to the cloud
Ready for when the time is right
Facial recognition software has been available for several years now, but we recommend against its use until Canadian laws and regulations have matured – and the public is more comfortable with select applications. Until then, we offer many alternatives that won’t leave a sour taste in residents’ mouths.
Curious to see our technology in action?
Click here to request a demo and learn more about how we can elevate your brand.