Photo tagged on Facebook = getting tagged at physical stores now too?

A new tech startup that produces facial recognition camera systems tied to Facebook tagged photos, plans to offer the technology to more traditional physical stores so they could offer you appropriate deals as you enter their business. That’s great for stores who want to have more targeted information about you, based on a bit of your history and likes. But what about privacy, what are the implications?

facial-recognitionFor now, you are not included in this scheme unless you opt in via Facebook to a third party service. The service would then present tailored deals to your mobile device when you entered an establishment which is using the technology (currently being tested in Tennessee). Facedeals, the provider, says this simply bolsters and leverages check-ins so that local businesses have more personal information, and by knowing and targeting the products they offer you based on your likes and preferences they can seem more relevant, like discounted or free drinks for using the service at a bar & grill.

But what if you haven’t opted in to the service? Isn’t it kind of creepy to know that the cameras still look for a match, so the service will still “automagically” go through the process involving gathering data about you without your opt-in? Not to mention taking your picture without your permission (unless entering a retail establishment is taken to convey a form of permission). The system is obviously hoping its efforts will result in a matched face belonging to someone who has opted in. But if not, will it store the data for later use? Either way, it takes your picture, hoping for a possible match through data mining activity, without your consent.

This means that if Facedeals’ (or similar startups’) equipment gains traction in the market, we could be seeing very real steps toward scenarios portrayed in futuristic movies like Minority Report, where the Chief John Anderton character walks through a mall, and is greeted by avatars welcoming him by name into their store, complete with discount offers calculated from the collection of data they are able to garner about him from various sources.

With a social media feed added to the mix, you could walk into a store and “the store” would not only know who you are, but if you’ve been sharing family tree information along with birthday information, the store may magically suggest gifts for your mother, since her birthday is in 5 days, but you never asked it to get that information. Or did you? If you don’t protect your profile information on Facebook, you may be inadvertently opting in to the whole scheme.

One comment suggested the technology is only trying to streamline what staff members at a store should be doing anyway, i.e. getting to know the customer and offering to sell them things they want that fit their needs. Others complain that it’s a harbinger of events yet to come, where facial recognition might be required through Facebook photo match before you are allowed to use a given service. There are already websites that require a Facebook login to signup, could this now extend to physical storefronts as well, all aided by a hands-off recognition system?

For now – no. This isn’t a Facebook-driven service, it’s only a third party driven venture that interfaces through data from the platform.

Even if you don’t plan on using Facedeals any time soon, now might be a good time to review your profile and secure your Facebook privacy settings, especially related to information sharing and photo tagging. We’ll be soon updating our series on updating your privacy/security on Facebook to integrate the timeline feature (which I’ve been recently forced into).

Cameron Camp
Security Researcher


One thought on “Photo tagged on Facebook = getting tagged at physical stores now too?

  1. How does the service know that a tagged photo is ACTUALLY that of the person who owns the account?

    Suppose I put (say) Brad Pitts’s photo up on my Facebook account and tagged it. Would that mean that the next time Brad walks into that “establishment” in Tennessee he’ll find himself being greeted by a “Hi, Stephen”? 🙂

    The “Minority Report” scenario presupposes a central repository of accurate, reliable, and verified data which vendors can tap into. Having a dataset filled with inaccurate, unreliable, or just plain bogus information is hardly going to be very useful, at least for the scenarios posed in “Minority Report”.

    If, however, you did have access to an accurate and reliable repository, the uses hardly end with store vendors and the police. If shopping malls have access to that repository, presumably it would not be impossible for (say) a criminal or terrorist group to have that same sort of access, thereby allowing them to conduct (say) targeted assassinations or robberies of particular individuals.

    And let’s not even get into the identity theft possibilities of having access to that kind of data!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s