Does Tesco’s facial recognition ad targeting cross “the creepy line”?

There’s this whole idea of “the creepy line” when it comes to the way our personal data is collected and reused without our permission. Eric Schmidt of Google fame reckons they get right up to it without crossing it or in other words, they push the boundaries as far as society will tolerate without getting too pissed off. Thing is though, how you define “creepy” is a very personal thing and it’s quite hard to put your finger on it. It’s a bit like that now very classic quote from Potter Stewart regarding hard-core porn:

I shall not today attempt further to define the kinds of material I understand to be embraced within that shorthand description, and perhaps I could never succeed in intelligibly doing so. But I know it when I see it.

When the folks over in the UK saw these, they knew it had crossed the creepy line:

Wifi tracking rubbish bins

It turns out that rubbish bins tracking your movements by monitoring your wifi enabled devices just doesn’t quite sit right with people. Probably no surprise, in retrospect, but just think how awesome that would have looked in the PowerPoint presentation!

Marketing shill: We can maximise brand awareness by intelligently targeting foot-traffic in high volume locations with tailored messages appealing to their unique behavioural requirements. Your customers will embrace this personalised service as they experience a level of rubbish bin personalisation we’ve simply not been to achieve with the technology of yore.

Now it seems the same logic is set to be applied to facial recognition in Tesco service stations and apparently they’re “installing face-scanning technology at its petrol stations to target advertisements to individual customers at the till”. Now in theory, this is just designed to identify age and gender so that advertising can be targeted appropriately. Also in theory, customers will embrace the concept of being shown pimple cream or adult diapers (for the appropriate gender, of course) and won’t find this creepy at all. Right…

The thing about facial recognition is that it first requires a photo of the individual. No surprises there, once the photo is obtained then there’s a process of mapping features. One of our local Aussie papers did a very neat illustration of this a couple of years ago when talking about spy camera surveillance:

Points of facial recognition

This, also, shouldn’t be surprising but the point is this: identification of personal attributes such as gender and age is achieved by establishing points of recognition on the image of the face. Whilst the shape of lips and hairlines may well be used to established gender, it turns out that they’re also very uniquely identifying features. By now we’re all well aware of many, many other uses of facial recognition in order to uniquely identify individuals. We’re already seeing it on Google Glass, for example, and of course in that case, Google theoretically aren’t allowing it which makes it pretty clear where it sits in relation to Eric’s definition of the creepy line. Whilst these technologies aren’t at the point of guaranteeing 100% success rates when it comes to identification, they’re good enough to raise the ire of shoppers.

But don’t worry, these devices are being “ethically deployed”. Phew, glad we got that sorted out! But seriously, the theory is that tracking is (at least initially) limited to gender and age (as ambiguous as both of these can be at times). It’s also been pointed out that it may be done ethically “if customers agreed to opt in to having their behaviour tracked”. I can picture that now:

By entering this store you agree to let us take your picture and use facial recognition software to figure out if you’re a bloke or a chick or maybe transgender (not that there’s anything wrong with that) plus whether you’re young (please don’t rob us) or old (please hurry up) but we promise not use this complex data acquisition process to figure out who you actually are (unless you use your loyalty card then we’ll track the hell out of you). Thank you, please come again!

“Facial recognition” goes one hell of a step beyond the video monitoring we all expect to be subject to when we walk into most stores these days. You cannot reasonably expect to convey how one’s identity may be used in the same fashion we convey the traditional video monitoring scenario. Any talk of “opting in” or for that matter “opting out” at the point of sale might keep the lawyers happy, but it’s completely impractical.

So what are the options? Thinking back to the rubbish bin scenario, opting out was pretty easy – just turn your wifi off (actually given the ease of exploiting wireless devices, that’s probably sage advice anyway). But short of no longer attending stores that have decided to analyse your facial features, what can you do?

Well of course there’s always subtle obfuscation using everyday items of clothing:


But then you’ll be viewed as a hoodlum and end up copping the blunt end of a baseball bat.

You could just choose to convert to two wheeled motoring and turn up like this:

Motorcycle helmet

But walking into a servo like this usually means one thing.

Or of course you could change religion:


But, well, let’s not even start on all the issues surrounding that.

Then there’s the option of going on the offence:

Shirt with faces on it

But then you look like an idiot.

Or how about just impersonating a 17 year old delinquent:

Guy fawkes masks

Jokes aside, the ability for retail outlets to collect and analyse data and draw some very insightful, very personal conclusions from it is just staggering. Cases such as the pregnant teenager Target outed are only scratching the surface of the potential. Working on the assumption that facial recognition will be used to uniquely identify customers (you’re kidding yourself if you think it won’t), we can start with the obvious advantages which is the ones Tesco is presently admitting to (ad targeting by age and gender) and add to that the ability to track repeat customers. But we’re only just getting started…

From repeat customers we can determine habits, namely the time of the day or the week they wish to shop. Certain things can be implied form this alone such as whether they work a normal nine to five job or are maybe a shift worker. Different products appeal to workers of different demographics so this is useful info. But of course the other thing Tesco can do when they own a whole country of service stations is to track movements between them. Continuously visiting one location is one thing (and this alone will disclose a certain amount of socioeconomic information based on the postcode), being able to track movements between them and identify abnormalities is quite another (you appear to be on holidays – here’s the local tourism ad).

But we’re only just warming up! I alluded to loyalty cards earlier on and these are the fair dinkum mother lode of customer shopping behaviour. The neat thing about facial recognition is that you only have to use the card and have your face snapped once and Tesco now has a neat map between a biologic attribute you can never change (assuming no hoodie / helmet / burka / sneaky t-shirts / Guy Fawkes mask) and some very personal shopping habits. Want to ditch the loyalty card due to privacy concerns? No worries, they still know who you are.

Let’s bring in the wifi piece as well, no need to limit that to rubbish bins! Wifi gives us a number of things, one of which is correlation; tying a customer’s MAC address to their face and to a unique identity that contains their shopping habits makes it a hell of a lot easier to track individuals and confirm partial matches. Not sure if that face is Arthur or Martha? Well that looks like the same MAC address seeking out wifi networks as when we last saw Arthur, thanks! Oh, and because MAC addresses use the first few bytes to identify the manufacturer, we can tell if the customer is flush with cash and using an iPhone or is techno-dinosaur on a Blackberry. The other great thing is that wifi works even when you can’t see a face because a camera isn’t positioned on the particular queue the person is standing on. But hang on, isn’t there usually just a single queue at the servo? Now why on earth would Tesco limit this to but a fraction of their massive retail network?

When you have the luxury of having over 3,000 retail stores in the UK alone, you have the potential to do some very serious data mining. Perhaps it’s just that servos work well because people tend to file in through a single door and stand in a somewhat orderly queue, but they’d have rocks in their head not to be thinking about reusing this data across, say, their supermarket chain. If I was the brains at Amscreen who appear to be behind this new push, I’d sure as hell be pitching far wider and looking at significantly greater data collection than what’s being disclosed via the media. The thing about the creepy line is that it just keeps creeping further along and there’s only one way to find exactly where it is…

Of course all of this is wild speculation and it’s by no means limited to Tesco, but it’s speculation with a solid technology founding. How many of the facial features Tesco actually looks at and how many they calculate and if they do or don’t store it frankly becomes a pedantic argument the likes of which we’ve seen go round and round with the NSA and what does or does not constitute metadata. What they’re doing with it is not the point – it’s the fact they have the ability to capture and analyse faces that’s the issue and quite frankly, they’d be mad not to take the opportunity to track individuals using this. That’d be my pitch.

Security Tesco
Tweet Post Update Email RSS

Hi, I'm Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals