Retail giant Kmart broke privacy laws by using facial recognition technology (FRT) on its customers, the Privacy Commissioner has found.

Over the two years until July 2022, Kmart captured the facial data of "tens or hundreds of thousands" of customers at store entrances and return counters, in an attempt to tackle refund fraud.

Facial recognition technology maps a person's unique facial features and compares it against a database of other faces.

Major retailers and public venues say the technology can be helpful in detecting repeat offenders and preventing crime.

But after a three-year investigation, Commissioner Carly Kind found Kmart's use of FRT was disproportionate, and the company did not gain consent to use it on shoppers.

"The sensitive information of every customer who entered

See Full Page