CF Lime Ridge Mall took 259,899 images of shoppers without consent: privacy watchdogs
Local privacy expert says companies could eventually profit from our biometric data
Lime Ridge Mall in Hamilton captured 259,899 images of shoppers without their knowledge or consent, as revealed in a country-wide investigation of Cadillac Fairview malls by the federal, Alberta and B.C. privacy commissioners.
Cadillac Fairview is the real estate company behind some of Canada's most popular shopping centres, including Toronto's Eaton Centre and the mall on Upper Wentworth Street in Hamilton.
The mall used "anonymous video analytics" (AVA), the report says, to take temporary images of the faces of individuals within the field of view of cameras in digital information kiosks. Those images were used to guess a person's age, gender and how the person moved around the mall.
Daniel Therrien, the country's privacy commissioner, said the lack of meaningful consent was "particularly concerning" given the data it collected was people's faces and biometrics — data that's unique to each individual.
"Shoppers had no reason to expect their image was being collected by an inconspicuous camera," he said in a statement, "or that it would be used, with facial recognition technology, for analysis."
How did Lime Ridge Mall collect your data?
The report says Cadillac Fairview embedded small, inconspicuous cameras inside digital kiosks and directories to capture the images. When shoppers were in the camera's field of view, it would snap a picture and use facial recognition technology to guess a customer's age, gender and movements.
Each image was converted into a unique code, the report says. Cadillac Fairview collected five million images in 12 locations across Canada. That data, according to the report, could be used to identify people based on their faces. Cadillac Fairview denied ever identifying people.
The company said it was a pilot project that stopped in July 2018 after concerns raised in a CBC investigation. It also emphasized the technology wasn't capable of identifying people and that each image isn't necessarily a different shopper, which means one person could account for multiple images.
Cadillac Fairview also said photos would only be analyzed for milliseconds before being deleted, but the commissioners said they found the five million images stored on a third party's decommissioned server, "for no apparent purpose and with no justification."
"Cadillac Fairview stated that it was unaware that the database of biometric information existed, which compounded the risk of potential use by unauthorized parties or, in the case of a data breach, by malicious actors," read the report.
But even the number of images taken at Lime Ridge is alarming to Karen Louise Smith, an assistant professor at Brock University who has extensively researched online privacy and the risks around biometric data.
"Two-hundred sixty thousand images collected locally [is] a massive amount of people sorted and categorized for unknown reasons," she said in an interview Thursday.
"Cameras in kiosks are relatively new, and while someone might expect security cameras in a mall, I don't think they necessarily expect there's going to be hidden cameras embedded into devices they're interacting with," Smith said.
Smith listed better alternatives the company could have used for consent.
"A pop-up with a 'Do you agree?' button is one option," she said. "A lot of us are also familiar with a green light turning on when recording is happening. There could be an icon that pops up of a camera that gives you an indication a picture is being taken."
Data deleted but experts still have concerns
In a statement on Thursday afternoon, Cadillac Fairview said it deleted the data and deactivated the cameras.
"We take the concerns of our visitors seriously and wanted to ensure they were acknowledged and addressed," read the email.
But the commissioners are still concerned about the company's plans moving forward. They wrote that Cadillac Fairview refused their request to improve how it gets consent from customers if it redeploys the technology.
The company said it accepted and implemented all the recommendations "with the exception of those that speculate about hypothetical future uses of similar technology."
Similar technology could be used for targeted ads
Smith said the report reminded her of dystopian, science-fiction scenes from the Netflix show Black Mirror, or the 2002 film Minority Report.
"There's a really popular scene in the movie where Tom Cruise walks into a mall and is basically bombarded with personalized ads as his biometrics are scanned," she said.
"This kind of technology at a kiosk could be used in the future to target ads at people based on their age and gender, and I really think that's what at stake here — whether we want our biometrics to be used by companies to generate profit ... and whether facial images are treated as personal information."
She thinks the report will relax the rollout of these kinds of technologies, but says they still may come sooner than we expect.
"The idea of making these kinds of cameras and a broader array of sensors ubiquitous within our built environment, it's very much on the horizon at the moment. Where we choose to draw the line, I think, is very important."
With files from Catharine Tunney and Thomas Daigle