惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Security Affairs
S
Schneier on Security
T
Tenable Blog
G
GRAHAM CLULEY
Latest news
Latest news
D
Darknet – Hacking Tools, Hacker News & Cyber Security
A
Arctic Wolf
I
Intezer
Cyberwarzone
Cyberwarzone
T
The Exploit Database - CXSecurity.com
T
Tailwind CSS Blog
K
Kaspersky official blog
Blog — PlanetScale
Blog — PlanetScale
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Threat Research - Cisco Blogs
爱范儿
爱范儿
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 叶小钗
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Recent Commits to openclaw:main
Recent Commits to openclaw:main
P
Palo Alto Networks Blog
WordPress大学
WordPress大学
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园 - 司徒正美
The Cloudflare Blog
Help Net Security
Help Net Security
罗磊的独立博客
博客园 - 聂微东
Jina AI
Jina AI
Project Zero
Project Zero
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
L
LINUX DO - 最新话题
V
V2EX
人人都是产品经理
人人都是产品经理
美团技术团队
博客园 - 【当耐特】
Spread Privacy
Spread Privacy
J
Java Code Geeks
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Security Latest
Security Latest
The Last Watchdog
The Last Watchdog
Stack Overflow Blog
Stack Overflow Blog
雷峰网
雷峰网
S
Securelist
Forbes - Security
Forbes - Security
博客园 - 三生石上(FineUI控件)
Microsoft Azure Blog
Microsoft Azure Blog
P
Privacy International News Feed
宝玉的分享
宝玉的分享
C
CERT Recently Published Vulnerability Notes

Tech

CBA chief economist Luke Yeaman talks down risk of ‘AI bubble’ at Australian Defence Industry Accelerator Summit The Industry Speaks, Part 1: AI Appreciation Day 2026 Open banking expands as non-bank lenders join Consumer Data Right Telstra CEO says she is ‘deeply sorry’ for nationwide outage Army uses AI-enabled recon drones in Exercise Southern Jackaroo Telstra finds secondary outage issue impacting 000 as government notes a Telstra finds secondary outage issue impacting 000 Telstra outage: Ministers, experts, and academics respond; ACMA to conduct full investigation 000 calls and Melbourne trains impacted by Telstra outage Kinetic IT launches AI engineering division to accelerate enterprise AI deployment US government lifts access controls on Anthropic’s Claude Fable 5 and Mythos 5 WA announces data science, artificial intelligence training program with industry, UK’s Faculty Civil liberties org rails against deployment of facial recognition tech by WA Police CrowdStrike expands QuiltWorks alliance with Amazon Web Services Vodafone urgently investigating outage impacting millions of Aussies Space Centre Australia debuts ASTRIS mission artificial intelligence at Australian Space Summit Is AI profitable yet? One website seeks to answer that question Report: Australians' faith in AI is almost non-existent Monash researchers unveil breakthrough photonic chip for next-generation AI and quantum computing Report: AI-based data incidents on the rise in Australia Anthropic launches dedicated Claude Security platform to public beta Ukrainian official advocates for artificial intelligence, autonomous drones for battlefield deployment CrowdStrike launches Project QuiltWorks to tackle skyrocketing AI-discovered vulnerabilities Outsiders are already accessing Anthropic’s new AI model, but is Claude Mythos really that powerful? Report: Data collection by school-backed apps in Australia is out of control and a risk to kids Kinetic IT appoints Kishore Jayaram in new chief transformation officer role Anthropic launches Claude Opus 4.7 as researchers reveal fake Claude installer spreading malware US Federal Communications Commission announces ban on foreign-made consumer routers Australian arm of clothing retailer Lululemon fined $702k over spam breaches Not on our watch: Coles, Palantir respond to GetUp anti-surveillance campaign Kinetic IT earns fifth Deloitte Best Managed Companies award Inside Genetec: How a once-hardware-centric sector has become a software battleground Rubrik reveals Agent Cloud to secure agentic AI in the enterprise Kinetic IT appoints Jeremy O’Donohue to lead state government and critical infrastructure portfolio Kinetic IT awarded ICT contract with Department of Defence Send nudes: SecDef Hegseth announces Grok rollout at the Pentagon UNSW lands $3m next-gen AI defence contract ServiceNow announces acquisition of Armis Axonius denies reports of Cisco acquisition
Sausage watch: What are the implications of this week’s Bunnings facial recognition ruling?
david.hollingworth@momentummedia.com.au (David Hollingworth) · 2026-02-06 · via Tech

The Aussie hardware giant has been given the go-ahead to use facial recognition technology in its stores to fight crime – but what does this mean for the Privacy Act business, and ordinary Australians?

This week, beloved hardware store and sausage sizzle destination, Bunnings, won its appeal against a 2024 ruling by the Australian Privacy Commissioner that found the store’s use of facial recognition technology (FRT) was a violation of customer privacy.

Bunnings had been using the technology to combat ever-growing and violent criminal behaviour impacting the store and its staff, and it will now be allowed to do so again.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

The Administrative Appeals Tribunal ruled this week that Bunnings could use FRT for “the limited purpose of combating very significant retail crime and protecting their staff and customers from violence, abuse and intimidation within its stores”.

But what are the implications of this new ruling for the Privacy Act, and what does it mean for businesses and consumers?

A targeted security response

Lyn Nicholson, general counsel at law firm Holding Redlich, told Cyber Daily the decision “provides important clarification on how the Privacy Act applies to the use of facial recognition technology in retail settings”.

“This week’s decision establishes that the Privacy Act does not impose a blanket prohibition on the use of facial recognition technology. Its lawful use depends on a reasonable suspicion of unlawful activity and a proportionate response to that risk,” Nicholson said.

“In this case, the tribunal accepted that the scale and nature of violence and theft in Bunnings’ stores, including repeat offending, as well as features of the store environment such as multiple entry and exit points and the availability of items capable of being used as weapons, justified a targeted security response.”

Nicholson added that the ruling also provided guidance in terms of proportionality and the Privacy Act.

“The tribunal assessed proportionality by reference to the seriousness of the harm being addressed, the limited purpose for which the technology was deployed, and the extent to which privacy impacts were mitigated through system design,” Nicholson said.

“The tribunal placed weight on safeguards such as the immediate deletion of non-matching images and the absence of broader tracking or identification of customers.”

The decision, according to Nicholson, also reinforced the fact that just because collecting such information may be lawful, it still does not remove any obligations under Australian Privacy Principles.

“The tribunal agreed with the Privacy Commissioner that Bunnings failed to meet transparency and notification requirements, including by not adequately disclosing the kinds of personal information collected and how that information was handled,” Nicholson said.

“Taken together, the ruling illustrates that organisations seeking to rely on exceptions under the Privacy Act must be able to substantiate the risk, demonstrate why biometric collection is warranted, and ensure that privacy policies and customer notifications accurately reflect how the technology operates.”

… Or a wider threat?

On the other hand, Eddie Major, AI learning and teaching coordinator at Adelaide University, was less sanguine concerning the decision.

“This is the wedge – mass biometric surveillance without consent is now lawful in Australia for preventing crime,” Major said in a post to LinkedIn.

“While it does not open the door to broad surveillance for other purposes, such as behavioural profiling, it sets an important precedent. Australia doesn’t have AI-specific legislation, so cases like these are likely to have significant watershed impacts.”

Major added that while this may be a win for Bunnings, several other Australian businesses were continuing to employ facial recognition unlawfully. In particular, he highlighted the use of FRT in gambling venues to recognise high-value customers, alongside the use of Chinese AI camera technologies that – while banned in countries such as the United States – are still being used locally.

“I expect the scope to grow,” Major said, “with deployment of systems designed to predict behaviour and intent, based on inference of visual attributes, and extract maximal commercial value accordingly”.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.

Tags:

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.