Recent expansion of facial recognition technology at the Wegmans supermarket chain in New York City has sparked widespread concerns about consumer privacy. However, according to a Gothamist investigation, Wegmans is not the only retailer using this type of technology. Facial recognition and biometric data collection technologies are quietly spreading across the retail industry in New York, while regulation lags behind technological developments.
Experts, legislators, and consumers alike are worried that companies collecting extensive facial data from customers without stringent regulations may pose long-term risks of privacy and data breaches. Some experts point out that current regulations are very limited, suggesting that businesses should clearly inform customers if facial recognition technology is being used and restrict the retention of data.
Facial recognition technology analyzes facial features through artificial intelligence and compares them with existing databases. This technology is increasingly common in the American retail industry but often lacks transparency for the average consumer. When Gothamist inquired with 50 major retailers about the use of this technology in their New York stores, most did not respond. However, CVS, Target, Stop & Shop, Burlington, Marshalls, TJ Maxx, and HomeGoods stated that they do not use this technology. Macy’s confirmed that some of its stores are using facial recognition systems.
In 2021, New York City passed a law requiring businesses that collect customers’ biometric data to post notices and prohibits selling or profiting from the data. However, the city’s Department of Consumer and Worker Protection (DCWP) admits that if businesses do not comply with the regulations, the government lacks direct enforcement mechanisms, leaving it up to consumers to file complaints.
Many consumers are unaware that the stores they frequent for shopping are using facial recognition technology. Some supermarkets have notices posted on shopping carts, but most customers have never noticed.
Privacy advocates point out that even if companies disclose information in compliance with the law, the consequences of facial and other biometric data leaks are far more severe than credit card data breaches. While you can replace a credit card if the data is compromised, you cannot change your facial scan data if it is leaked.
Retailers and security professionals believe that facial recognition technology helps prevent theft and violent incidents. However, scholars warn that algorithms may have racial bias, leading to misidentification and unnecessary conflicts. In fact, achieving similar results can be done through post-analysis using traditional surveillance cameras alone.
The New York City Police Department states that in retail theft cases across the city, facial recognition only serves as one of many investigative leads and cannot solely justify an arrest.
California and Illinois are at the forefront of biometrics legislation, while the United States still lacks comprehensive national data privacy laws.
Civil rights groups and some lawmakers are calling for stronger oversight. New York State Assembly Member Linda Rosenthal recently reiterated her proposal, requiring retailers to provide clearer disclosure and privacy protections when using tracking or biometric identification technologies. She emphasized, “People should not be forced to surrender their biometric data just to buy groceries.”