Responsible Live Facial Recognition in Retail: Raising the Governance Bar
27/2/26, 10:00 am
Safety and legitimacy must rise together
Retail violence is no longer just a shrinkage issue. It’s a workplace safety issue.
Across Australia and New Zealand, assaults, intimidation and repeat violent offending inside retail environments have escalated. Staff are leaving. Customers feel unsafe. Security responses are becoming more reactive and more confrontational.
Live Facial Recognition (LFR) is increasingly being explored as a preventative measure - not to monitor everyone, but to detect known repeat violent offenders before harm occurs.
Facial recognition technology (FRT) is the broader category of systems that analyse and compare facial images. LFR refers specifically to its real-time deployment, matching individuals against a defined watchlist as they enter a physical space.
But regulators have made one thing clear: deploying LFR elevates responsibility. The question is no longer “Can we use this technology?” It is “Should we - and can we prove we are using it responsibly?”
The Regulatory Reset: Governance is the Product
Recent scrutiny from:
- New Zealand’s Office of the Privacy Commissioner (OPC) in its review of the Foodstuffs North Island (FSNI) Live Facial Recognition trial
- Australia’s Office of the Australian Information Commissioner (OAIC), particularly in the Bunnings matter
shows a clear convergence.
Retail LFR is being treated as high-risk biometric data processing. Legitimacy now depends on:
- A narrowly defined safety purpose
- Demonstrable effectiveness
- Strict watchlist governance
- Immediate deletion of non-matches
- Human verification before action
- Transparent public notice
- Documented privacy impact assessments
- Ongoing oversight
Recent Australian tribunal findings also reinforce that even where limited-purpose exemptions may apply, governance failures, particularly around transparency and documented risk assessment, will not be excused. Reliance on safety justifications does not reduce scrutiny; in practice, it often increases it.
Regulators are not just reviewing technology. They are reviewing operating models.
What Responsible Deployment Looks Like in Practice
A credible LFR deployment in retail today should include:
1. A Defined Safety Case
LFR must be tied to clearly documented repeat violent behaviour - not general deterrence, analytics, or convenience.
The purpose should be specific:
- Prevent repeat assaults
- Prevent threats involving weapons
- Prevent targeted intimidation
If less intrusive controls can achieve the same outcome, regulators expect them to be used.
Recent regulatory reviews in New Zealand have explicitly tied legitimacy to evidence that LFR is both effective in reducing serious repeat harm and proportionate relative to other available controls. Retailers should be prepared to demonstrate both.
2. Hard Purpose Limitation
- No marketing
- No customer analytics
- No staff monitoring
- No secondary uses
Function creep is the fastest way to lose legitimacy.
3. Privacy-by-Default Architecture
Responsible systems:
- Delete non-matches immediately
- Restrict access to trained, authorised personnel
- Encrypt templates in transit and at rest
- Enforce strict retention limits
- Maintain immutable audit trails
The system should be engineered to minimise collateral collection.
4. Watchlist Governance
Best practice includes:
- Clear enrolment criteria tied to documented serious conduct
- Two-person approval for enrolment
- Retention periods aligned to legal exclusions
- Store-level lists (not automatic national sharing)
- Transparent redress processes
LFR should not quietly become a tool of broad social exclusion.
5. Human-in-the-Loop as a True Control
Responsible LFR:
- Generates alerts
- Requires trained human verification
- Supports proportionate responses
Technology should assist judgement - not automate exclusion.
6. Transparency That Informs
- Prominent signage
- Plain-language explanation
- Public-facing governance documentation
- Clear contact points for privacy enquiries
“Covert” LFR in retail settings is unlikely to survive regulatory or community scrutiny.
The Effectiveness Test
Both OPC and OAIC commentary point to a central requirement:
If LFR does not measurably reduce serious repeat harm, its proportionality, and therefore its justification, weakens.
Retailers should measure:
Safety Outcomes
- Reduction in repeat violent incidents
- De-escalation success rates
- Staff confidence indicators
Privacy Outcomes
- False match rate
- Deletion timing compliance
- Watchlist governance adherence
- Complaint resolution metrics
- Ongoing accuracy and bias monitoring appropriate to the deployment context
Deployments should include pre-defined stop/go criteria. If harm outweighs benefit, pause.
LFR should be treated as a monitored deployment environment, subject to periodic review, system tuning, and governance refinement over time.
Ethics: Protection Without Overreach
Retail spaces are public-facing and often essential. That raises the ethical bar.
A defensible approach rests on four commitments:
- Target behaviour, not identity
- Minimise collection of everyone else
- Keep humans accountable
- Demonstrate real safety benefit
When safety and privacy are engineered together, they reinforce one another. When they are traded off, both eventually fail.
The Future: Operating Model as Competitive Advantage
Retailers will not be judged solely on their intentions. They will be judged on:
- Documentation
- Safeguards
- Auditability
- Measurable harm reduction
- Ongoing governance maturity
In this new regulatory environment, legitimacy is not claimed - it is engineered.
Those who approach LFR as a governed safety system, rather than a surveillance tool, will be best placed to maintain trust while protecting their people.
Is your retail deployment governance-ready?
Live facial recognition can enhance safety - but only when deployed with discipline, proportionality and clear oversight. NEC works with retailers to design and implement governance frameworks that align safety objectives with regulatory expectations across Australia and New Zealand.
Simon Herron
Senior Head of Biometrics - ANZ
simon.herron@nec.com.au