FTC Unveils Facial Recognition Privacy Guidelines

In the US, the Federal Trade Commission has released a consumer privacy best practices guide for companies using facial recognition.

The regulation, which continues the FTC's March 2012 stated policy of 'privacy by design' in 'an Era of Rapid Change', targets three areas in particular: facial recognition tech on social media sites; digital signs; and signs where users can upload pictures and try out changes in their appearance, such as a haircut. For each, the guidelines stress the importance of four key principles: data security, transparency, consumer choice and data retention limits.

Among the examples given, the Commission suggests that stores using digital signs to take pictures of customers could inform them of this at the entrance of the store; while social networking sites should tell users how uploaded pictures will be used and give them an opt-out from certain features, such as Facebook's facial recognition database. The document also stresses that data owners should obtain 'affirmative express consent' in two key situations: before using biometric data in a way that materially differs from why it was collected; and if the data is used to identify anonymous images.

The FTC also stresses, however, that it encourages self-regulation and the report is not a 'template for law enforcement actions or regulations under laws currently enforced by the it'.

Web site: www.ftc.gov/os/2012/10/121022facialtechrpt.pdf . Thanks to www.lexology.com for content in this item.