WASHINGTON -- Facebook, Wal-Mart and other companies planning to use facial-recognition scans for security or tailored sales pitches will help write rules for how images and online profiles can be used.
The U.S. Department of Commerce will start meeting with industry and privacy advocates in February to draft a voluntary code of conduct for using facial-recognition products, according to a public notice. The draft will ready by June.
"We are very skeptical about stomping on technology in the cradle," Mallory Duncan, senior vice-president of the Washington-based National Retail Federation Inc., said in a phone interview. "It's not a good idea to develop codes or laws that freeze technology before you have the ability of determining what it's capable of achieving."
In Britain, Tesco Plc is installing face-scanning technology at its gasoline stations to determine customers' ages and gender so tailored advertisements can be delivered to them on screens at checkouts. Retailers may be able to compare customers' images from security cameras with law enforcement photo databases.
Facebook, Apple and other Internet companies have been trying to restore consumer confidence that they protect privacy amid an international backlash over revelations that the U.S. National Security Agency has collected data on their users.
The American Civil Liberties Union and other privacy groups want laws, not voluntary standards, to prevent face scans from being used for spying and tracking. Trade groups such as the retail federation, which represents Wal-Mart, oppose regulations or laws they say might cripple an emerging market, estimated to reach $6.5 billion by 2018 by MarketsandMarkets, a Dallas research company.
Facial-detection technology uses a mathematical formula to create a digital template of a person's face, otherwise known as a faceprint. It underlies one of the more popular Internet activities -- tagging yourself and others in photos uploaded to social-media sites such as Facebook or within photo-management applications such as Apple's iPhoto.
Kiosks have been developed that can scan a person's face at a shopping mall to determine gender or age for tailored sales pitches, Duncan said.
An advertising and technology agency in Nashville, Tenn.,, called Redpepper is testing an Internet application in which users agree to give access to their Facebook profiles and have their faces scanned by cameras at local businesses when they walk in or by. The application then delivers customized advertising deals to their smartphones.
Facial scans are becoming more common to establish identity for secure access to buildings or devices. Apple Inc. received a patent Dec. 3 for a system to use a facial scan to unlock an iPhone or computer.
The U.S. Commerce Department, which will start the discussions in February, says the code of conduct will apply only to commercial use, not to how law enforcement or spy agencies may use it.
The Commerce discussions "can provide meaningful privacy protections without running the risk of legislation that becomes outdated as technology evolves and limits people's ability to use online services," Rob Sherman, policy manager for Menlo Park, Calif.-based Facebook, said in an emailed statement. Facebook has almost 1.2 billion users and doesn't disclose how many faceprints it has assembled.
Voluntary standards written primarily by companies with a business stake in using facial recognition won't ensure adequate protection of people's privacy, such as preventing facial scans of people without their knowledge, said Christopher Calabrese, an ACLU lawyer in Washington.
"One of the most serious concerns about facial recognition is it allows secret surveillance at a distance," he said in an interview. "Suddenly, you're really not anonymous in public anymore."
Once a company obtains facial images, it can use them to identify people, track their movements and build profiles of their personal lives, Jeffrey Chester, executive director of the Center for Digital Democracy, a privacy advocacy group in Washington, said in an interview.
"This is all about giving a digital stamp of approval to the industry's ever-growing collection of U.S. consumer data," Chester said.
Companies can combine facial data with applications that track a person's location or online browsing habits, Chester said. This "commercial surveillance" is vulnerable to being searched or obtained by the NSA or other government agencies, no matter how companies try to protect it, he said.
Growth in the facial-recognition market is being fuelled by cameras with the ability to capture quality photos, databases with photos linked to people's online identities, and computing power to analyze images, Joseph Atick, co-founder of the Washington-based International Biometrics and Identification Association, said in an interview.
"This is a perfect storm," said Atick, who pioneered the technology in the 1990s. "There is reason for alarm."
The association, which represents Lockheed Martin Corp. and other technology companies that work with facial-recognition software and hardware, wants the code of conduct to be voluntary, with the Federal Trade Commission supervising how companies implement it, Atick said.
Companies should be required to notify people and get their consent before using the technology on them, Atick said. Companies that pledge to abide by the code and fail to do so could be punished by the trade commission or face class-action lawsuits, he said.
The technology holds great potential to benefit society, for commercial purposes and security uses such as finding criminals, Atick said. It must be handled with "the utmost care" in order to not lose the confidence of consumers and citizens, he said.
-- Bloomberg News