by Paul Rudo on 30/10/12 at 9:46 pm
Big Data adoption is growing rapidly, and measures need to be taken in order to protect consumer privacy.
Once your personal information leaks out onto the Internet, trying to erase this information can be like removing milk from coffee. Preventative controls need to be put in place to prevent unwanted privacy breaches, and also to hold offenders accountable for exploitive or careless use of private consumer data.
A major factor in consumer privacy protection has to do with giving consumers more control in terms of what information they hand over. When consumers voluntarily hand over private data, the policies about what is done with this information should be made abundantly clear. And if information is being tracked about consumers through automated methods, these methods should also be made clear in such a way that consumers should opt out. (Preferably, opt-out by default)
One of the scariest automated data collection methods would be facial recognition. Simply by taking a secret photo, a company can combine information across numerous data sources to get lots of information about pictured individuals without their knowledge.
Facial recognition technology is making its way into various areas of business, including digital signage, medicine, gaming, mobile applications, security and social networking.
Facial recognition is such a an important challenge that it’s caught the attention of the FTC, who has recommended a series of best-practices for the use of this powerful and controversial technology. These recommendations were generated as the result of a Facial Recognition Technology forum which had held in December 2011, and was attended by leading industry experts.
- Companies should incorporate privacy as a core aspect of system design. This means placing protections which would prevent the unauthorized use or scraping of collected data.
- Organizations should establish appropriate retention and destruction policies for the biometric information they collect. For example, a consumer should have their data erased when they close their account.
- Data should be collected and used in responsible ways which respect the privacy of individuals. For example, it would be inappropriate to place cameras in bathrooms or areas frequented by children.
- Companies should also be open and transparent in their use of facial recognition. For example, consumers should be made aware using signs if they’re entering an area where their biometric facial data is being collected for facial recognition purposes.
- Consumers should be given the ability to opt-out or turn off facial recognition features in applications such as social networks.
- Applications should be designed to be used in responsible ways. For example, it would be irresponsible to create an application which allows men to secretly photograph women and collect their personal contact details.
It’s also important to note that these FTC best-practices are simply recommendations, and do not represent actual legal obligations. Although, they may possibly be a hint at the direction of future changes in legislation.
If you’d like to learn more about recommended privacy best practices when it comes to the use of facial recognition technology, we recommend that you download the FTCs “Facing The Facts” report.