Bunnings Faces Privacy Breach Ruling Over Facial Recognition Use

The Australian Privacy Commissioner found Bunnings violated privacy laws by using facial recognition technology without customer consent.

Bunnings used facial recognition technology in 63 stores across New South Wales and Victoria from 2018 to 2021.
The Office of the Australian Information Commissioner (OAIC) determined Bunnings collected personal data without proper consent, breaching the Privacy Act.
Bunnings argued the technology was necessary to prevent violence and organized crime, claiming it helped reduce incidents in stores.
The Privacy Commissioner ordered Bunnings to stop the practice, destroy collected data within a year, and publish a statement acknowledging the breach.
Bunnings plans to seek a review of the decision, maintaining that customer privacy was not compromised due to the rapid deletion of non-matching data.