A college is removing its vending machines after a student discovered they were using facial recognition technology::A photo shared on Reddit showed one of the vending machines with an error code suggesting it used facial recognition tech.

  • douglasg14b@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    10
    ·
    10 months ago

    To be fair that is perfectly valid and benign data to collect to determine what demographics use your service.

    I’m sure this is going to be controversial on here though but when you build a service or a device it’s usually pretty valuable to know who uses it in order to determine what features to work on next or how to change it.

    Of course the ability for them to abuse it is quite high and it would be difficult to trust them not to transmit more information than they’re supposed to

    • JJROKCZ@lemmy.world
      link
      fedilink
      English
      arrow-up
      32
      ·
      10 months ago

      You don’t need to add features to a vending machine though, it just needs to take currency in exchange for snacks and drinks. Any metrics of what sells better/worse can be done by watching inventory like we’ve done all of commercial history. They’re over complicating this for no valid reason

      • nymwit@lemm.ee
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        10 months ago

        It’s not just what sells, but who buys what. “Demographic X buys this one product more than others so how can we advertise this product to them where they will see it?” Growth is their “valid” reason, you know, like malignant cancer cells.

      • Cringe2793@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        2
        ·
        10 months ago

        There is a valid reason. It’s easier. You don’t need to get a person to watch/count/analyse the inventory.

          • Cringe2793@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            Yeah I think you’re just paranoid. Maybe you need to understand how this works better before making a snap judgement. No personally identifying pictures are stored. What’s wrong with a bit of market research? Knowing which (estimated) gender buys what is not that big a deal.

            Y’all can downvote me and argue till the cows come home, but y’all are just paranoid. I see nothing wrong with this.

    • NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      13
      ·
      10 months ago

      I think a big question here is whether or not this feature of the machine was disclosed to the university when they were installed. It’s one thing for the university to place its own security cameras that it has control over, but if a third party is placing surveillance devices on the property they should be giving very clear written notice.

    • OpenStars@startrek.website
      link
      fedilink
      English
      arrow-up
      11
      ·
      edit-2
      10 months ago

      Ofc it could have been benign, but there is no evidence that it was, while conversely everything that we currently know points to a breach of ethics.

      One, they did not fully disclose that a camera was even there (unless I am mixing up this story with another one just like it?). That also makes it impossible to…

      Two, they did not obtain proper (or any) consent. A banking ATM that needs to use your face to verify your identity could be an example of a benign use, and ignoring the enormous potential security implications of that atm, it could do so with a popup on the screen “Do you consent to having your face observed?”, “Do you consent to storage of your facial data in our database?”, “Do you consent to us selling the marketing data we collect from analysis of your facial data?”. They did none of this.

      Three, when asked about it, they lied. Technically they obfuscated the truth, which is just another way of stating that they lied.

      Ofc it COULD have been benign, but so far they are zero out of three already towards that end - and that is even from just what we know so far.

    • LifeInMultipleChoice@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      10 months ago

      Many of these were set up in areas where there are no employees as well. While some may be “vending machines” by definition many colleges and work sites installed areas with food/drink items all set up on shelves where you can go and grab what you want and then go self checkout on your own and walk off. Cameras and recognition of who is taking items without paying has been the regulating power since they were set up. Many do not accept cash, and you use a card, your phone or even set up an account using your fingerprint to grab a banana/cookies/gatoraid/ice coffee/whatever and pay quickly. The idea that they knew who you were was used to balance their costs against the number of lost/stolen items.

      It is foolish to think they weren’t identifing individuals, but it would be wrong to sell the data as well.

    • ohto@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      I agree this is a legitimate goal. I guess I’m just thinking they need to be transparent about it. The representative should be clear what they are doing and not insinuate they are only identifying the presence of a human and that’s it. They probably should even have a sign on the machine to notify people they are being videoed. When I get into my Ford Escape the touch screen tells me I’m supposed to notify my passengers of privacy concerns because I have location services turned on. This sort of privacy notification seems standard these days.