7-Eleven facial recognition survey violated Australian customer privacy

Chain store 7-Eleven breached customer privacy in 700 stores between June 2020 and August 2021 by collecting facial imagery without consent. 

Australia's privacy commissioner the OAIC ruled (pdf) that 7-Eleven abused customer privacy by collecting and storing their facial images in order to validate a survey it had been conducting into customer needs and to understand their demographic profile. 

7-Eleven had required customers to fill out information on tablets with built-in cameras, and had captured their facial images at two points during the survey-taking process. 

7-Eleven said it obtained its customers' consent by providing a notice on its website stating the company would collect photographic or biometric information from users.

The OAIC said the collection of facial images was not reasonably necessary in this instance, and that 7-Eleven had failed to provide information about how customers' facial images would be used or stored. 

7-Eleven was order to cease collecting facial images and faceprints as part of the customer feedback mechanism, and destroy all the faceprints it collected.