NewsBite

Facial recognition surveillance coming to Accor and CommBank stadiums

Oasis and Metallica concert ticketholders could be among the first to experience major surveillance upgrades at two Sydney stadiums.

The facial recognition technology will be rolled out at CommBank Stadium. Picture: Supplied
The facial recognition technology will be rolled out at CommBank Stadium. Picture: Supplied

Oasis and Metallica fans could be among hundreds of thousands of Sydneysiders scanned for their faceprints without explicit consent, as the NSW Government plans surveillance upgrades at Accor and CommBank Stadiums.

The Daily Telegraph can reveal that facial recognition technology is coming soon, with a project tender expected to open by the end of the year.

The stadiums will join a growing list of venues that already use the technology and typically only notify patrons with a small note in their conditions of entry - including Sydney Cricket Ground, Allianz Stadium, Qudos Bank Arena, and The Star.

It comes as US cities are increasingly moving in the other direction and outlawing facial recognition capabilities.

Although Venues NSW stressed that only banned individuals would be targeted by the software at Accor and CommBank Stadiums, cyber experts have raised privacy and hacking concerns for the wider community.

Patrons at CommBank Stadium before the introduction of facial recognition technology. Picture: Jason McCawley/Getty Images
Patrons at CommBank Stadium before the introduction of facial recognition technology. Picture: Jason McCawley/Getty Images

“Facial recognition software is used for one purpose only – to intervene and stop an attempt by a person to enter our venues where that person has been banned from doing so. Only banned persons are enrolled in our facial recognition system,” a Venues NSW spokesman said.

“These cameras serve as a crucial tool in maintaining a safe environment at sporting and entertainment events.

“No personal data, such as names or biometric identifying information, is captured or stored unless an individual has committed an offence and subsequently been banned from our venue.”

However, this was challenged by Macquarie University director of information security and privacy research Dali Kaafar.

Prof Kaafar said facial recognition systems had to capture identifying information from all faces scanned in order to match them to the database of banned individuals.

“Technically speaking, there is a short period of time where the individual’s data is collected by the system,” he said.

“The vendors could have promised that no personal data is being stored, but (the accuracy of that claim) really depends on their definition of ‘how long’ … In terms of computer processing, it could be less than a second, or it could be hours and days.”

Rock band Metallica are coming to Australia in 2025, potentially in time for fans to be part of the new surveillance plan. Picture: Supplied
Rock band Metallica are coming to Australia in 2025, potentially in time for fans to be part of the new surveillance plan. Picture: Supplied

Similarly, Australian Privacy Foundation chair and UNSW cyber law expert David Vaile said biometric data belonging to “every person” that enters the stadium was “definitely” being captured and stored for some period of time.

And this meant the data could be hacked.

“No-one anymore can credibly promise to keep out a motivated intruder on any digital data system,” he said.

Australian Privacy Foundation chair David Vaile does not support the collection of biometric data. Picture: Anna Kucera
Australian Privacy Foundation chair David Vaile does not support the collection of biometric data. Picture: Anna Kucera

Mr Vaile called on Venues NSW to be more transparent about its facial recognition technology and the external companies involved.

“There will be a tiny notice on the door that says ‘if you come by here you agree to our privacy policy’,” he said.

“Stadiums are projecting risk onto their customers – the data subjects – and assuming the cost of that risk is nothing because Australia has really weak privacy laws and the current reviews don’t really fix it so they can do it with impunity.”

He said collecting biometric data, such as faceprints, had potential lifelong ramifications.

“If it gets hacked and they feed it into an artificial intelligence system or there is identity theft or it’s used as the last chink in the puzzle to identify you in another system, you may never know or it may be years in advance,” he said.

“They are relying on that ambiguity and uncertainty and complexity of the problem to make you think ‘it’s too much trouble, I’ll just put up with it’.”

The Australian National University’s Dr Vanessa Teague said it was “very common for corporations to pretend that they’re not collecting personal information when they actually are”.

NSW acting privacy commissioner Sonia Minutillo said “any data collected for the purposes of FRT (facial recognition technology) should be appropriate and lawful and secure, and while no mandated period for data destruction, consistent with the privacy principles any data collected for the purposes of FRT should not be held for longer than is necessary.”

Do you have a story for The Daily Telegraph? Message 0481 056 618 or email tips@dailytelegraph.com.au

Add your comment to this story

To join the conversation, please Don't have an account? Register

Join the conversation, you are commenting as Logout

Original URL: https://www.dailytelegraph.com.au/news/nsw/facial-recognition-surveillance-coming-to-accor-and-commbank-stadiums/news-story/81efc8cd4e43efdddaac01e886deb73a