The Secure Times

An online forum of the ABA Section of Antitrust Law's Privacy and Information Security Committee

FTC Releases Report on Use of Facial Recognition Technology

Leave a comment

On October 22, the FTC released its report regarding best practices in using facial recognition technology.  The report, entitled “Facing Facts: Best Practices for Common Uses of Facial Recognition Technologies,” is intended to address privacy concerns associated with the growing use of facial recognition technology, by helping companies that use and develop these technologies protect consumers’ privacy as they create and market new products and services.  The report was developed after the FTC hosted a workshop in December of 2011 on facial recognition technology and received public comments on the issue.

The report recommends that companies using facial recognition technologies (1) design the products or services with privacy in mind; (2) develop reasonable security protections for the information collected through the use of such technologies, and maintain procedures for determining when to keep collected information or destroy it; and (3) keep the sensitivity of the information collected in mind when developing facial recognition technologies.  For example, the FTC noted that digital signs using such technology should not be used in places where children gather.

The report also recommends that companies provide clear notice of the use of facial recognition technologies when consumers come into contact with them, both on and offline, and give consumers a choice as to whether data is collected about them.  For example, in the social networking space, the report recommends that the site give consumers clear notice of the use of facial recognition technologies (outside of a privacy policy), and provide users the ability to turn off the facial recognition feature at any time and have their biometric data collection from previous photos and videos permanently deleted.

Finally, the report recommends that companies obtain affirmative consent from consumers before collecting or using biometric data in at least two instances – first, before using consumers’ images or biometric data in a manner different than what the company previously represented to such consumers, and second, before identifying anonymous images of a person to a third part who could not have otherwise identified such person without their consent, such as identifying users to other users who are not their “friends” on a social networking site.

Interestingly, Commissioner J. Thomas Rosch issued a dissenting statement with the report, stating that the report “goes too far, too soon.”  The FTC voted 4-1 to release the report.

Author: Heather Enlow-Novitsky

VP, Assistant General Counsel, Bank of America Merchant Services

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s