Bunnings has hit back after the Privacy Commissioner ruled that it breached privacy laws by using facial recognition technology on customers.
The retail giant on Tuesday released shocking CCTV footage which included scenes of staff members being threatened with knives and a shotgun.
In one clip, a man appeared to hold a knife to a staff member’s throat. Staff were also shown being harassed by a naked man, sucker-punched, shoved or manhandled.
The retail giant maintains it was using facial recognition technology to protect both customers and employees from a spike in violent crime.
Privacy Commissioner Carly Kind released the results of a two-year investigation, finding that the company interfered with the privacy of hundreds of thousands of customers.
Across 63 of its NSW and Victoria stores, between November 6, 2018 and November 30, 2021, Bunnings used the technology on customers without their consent.
Bunnings has been ordered to destroy the information it collected and stop the practice in future – it must also publish a statement on its website explaining what it did wrong.
But the company has now vowed to seek a review of the decision before the Administrative Review Tribunal.
In footage released by Bunnings, a man in a balaclava appeared to threaten staff
Another clip showed a naked man who had been harassing staff
Bunnings Managing Director Mike Schneider said the use of facial recognition technology was sparked by a need to protect customers and staff from ‘ongoing and increasing exposure to violent and organised crime’.
There had been a 50 per cent increase in abuse, threats and assaults in stores in 2023 with a ‘small number of known and repeat offenders’ to blame.
‘Our use of FRT was never about convenience or saving money but was all about safeguarding our business and protecting our team, customers, and suppliers from violent, aggressive behaviour, criminal conduct and preventing them from being physically or mentally harmed by these individuals,’ Mr Schneider said.
‘It was not used in isolation but in combination with various other security measures and tools to deliver a safer store environment.’
The managing director said the store could physically ban people, but FRT was the fastest way of identifying and removing them.
There was a ‘significant reduction’ in thefts at the stores where it was used.
The data gathered was never used for marketing or monitoring customer behaviour, but for matching to a database of people banned from stores.
Commissioner Kind said Bunnings had been co-operative throughout the investigation.
Staff have also been manhandled and knocked to the ground during robberies
Bunnings said a ‘small number of known and repeat offenders’ were targeting stores
‘Facial recognition technology may have been an efficient and cost effective option available to Bunnings at the time in its well-intentioned efforts to address unlawful activity, which included incidents of violence and aggression,’ she said.
‘However, just because a technology may be helpful or convenient, does not mean its use is justifiable.
‘In this instance, deploying facial recognition technology was the most intrusive option, disproportionately interfering with the privacy of everyone who entered its stores, not just high-risk individuals.’
Commissioner Kind found Bunnings collected individuals’ sensitive information without consent, failed to take reasonable steps to notify individuals that their personal information was being collected, and did not include required information in its privacy policy.
Under the Privacy Act, a person’s facial image is classed as sensitive information, with consent generally required for it to be collected.
Bunnings, along with Kmart and Officeworks, is owned by retail conglomerate Wesfarmers, which raked in $44billion in revenues across the 2024 financial year.