Although Christmas, the holiday season and the end of year break are on most people’s minds, the FTC soldiers on. Right before Christmas it announced that it’s seeking public comments on facial recognition technology, the latest bete noire to hit the privacy stage in some circles. The deadline for filing a public comment is January 31, 2012 and directions for electronic filing of comments are available at https://ftcpublic.commentworks.com/ftc/facialrecognition, while those favoring paper-based comments can find directions at the bottom of the press release at http://www.ftc.gov/opa/2011/12/facefacts.shtm.
The FTC’s call for public comments follow on the heels of the public workshop it held earlier this month on Dec. 8th: "Face Facts: A Forum on Facial Recognition Technology," which centered attention "on the current and future commercial applications of facial detection and recognition technologies and and benefits, and potential privacy and security concerns." (The workshop’s agenda is available here, and an archived webcast of workshop proceedings is viewable here.)
The FTC is seeking public comments on issues raised at the workshop, including but not limited to:
- What are the current and future commercial uses of these technologies?
- How can consumers benefit from the use of these technologies?
- What are the privacy and security concerns surrounding the adoption of these technologies, and how do they vary depending on how the technologies are implemented?
- Are there special considerations that should be given for the use of these technologies on or by populations that may be particularly vulnerable, such as children?
- What are best practices for providing consumers with notice and choice regarding the use of these technologies?
- Are there situations where notice and choice are not necessary? By contrast, are there contexts or places where these technologies should not be deployed, even with notice and choice?
- Is notice and choice the best framework for dealing with the privacy concerns surrounding these technologies, or would other solutions be a better fit? If so, what are they?
- What are best practices for developing and deploying these technologies in a way that protects consumer privacy?