When you pop into a shop on the way to work to pick up a hot cup of tea on a cool early winter morning, you do not expect a potential data privacy issue to hit you square in the face. Most certainly not at the otherwise friendly outlet where you buy the nice warm cup of green tea at. That is exactly what happened at a Chaayos store this morning. The company, Sunshine Teahouse Pvt. Ltd. has deployed facial recognition as an integral part of the order process at its stores, including the one I visited in the Delhi NCR region. And indeed, it is going to happen to everyone at every Chaayos store they visit across the country which now collects the facial data of the person placing an order.
While it is great to have an intersection of technology in our everyday lives, there are certain issues with the way this particular implementation has been done. So, what exactly is this?
At almost every Chaayos store, one standard fixture at the time of placing an order is the tablet docked on the counter—you enter your mobile number, you get an OTP and you place your order. Someone somewhere is making a log of when you drink tea, which tea do you prefer, what time do you order, how much do you pay, the mode of payment and so on. Fine, that is something we have come to accept. In return, you get the promise of some free teas after every few orders you make. Now however, these tablets have become a potential weapon of data privacy. The change that Chaayos has done is that when you reach the counter and see this harmless tablet sitting there, you habitually tap on “Start” on the screen. For a fraction of a second, you see the interface of what looks like the front facing camera on the tablet in action—it is looking at you. Then it disappears and you then see the next page wherein you fill in your name and mobile number. What you probably didn’t realise is, your facial data has been captured. Your face has been clicked in a photo and your face is now linked with your name and phone number which you just shared.
Just a reminder of what the “start” screen says, in beautiful fonts dressed in green colour—FACE IT” and “why put numbers through when we can identify you?” None of this really tells you the face recognition data is about to be captured.
Now let us look at a few potential issues this creates.
First, there is no explicit communication or messaging in the store or on the tablet that informs a customer that a facial recognition system is at work here. Secondly, there is no process of taking customer’s consent before capturing their face recognition data. You also do not tap on a button on the screen to click your photo before sharing. It all happens on its own, in a blink-and-you-miss sort of speed. Neither does the staff at the store tell you that your facial data is being captured. If you happen to be in a conversation over the phone or with a friend, you’ll probably miss this completely. You’ll never realise that Chaayos has taken your facial data, without your consent.
On the face of it, there doesn’t seem to be an opt out. Since actually, there no consent being taken here and everyone by default is enrolled into the Chaayos database with their face linked to a name and phone number. However, only upon specifically demanding that I be allowed to place an order without facial recognition data was I given the option to. But I still do not know if the tablet where I had to punch in my name and number to generate the OTP decided to still click a photo of my face, nonetheless. But the Chaayos staff have clearly been advised not to mention this option, unless asked.
This was first observed by fellow journalist Kumar Sambhav Shrivastava (@Kum_Sambhav on Twitter) in a tweet, in which he wrote, “Hello @Chaayos. Your sale counters are collecting facial image data of customers. What for? What are your consent and disclosures policies for its use? Are you aware of the legalities?” The reply from Nitin Saluja (@Salujanitin) didn’t really seem to clarify those issues in the public domain, instead replying, “Hey Kumar Sambhav, hope you are well. I would like to understand the concern flagged by you a bit more. Can you DM your contact?”
The explanation that I got from the Chaayos staff was that this has been done to eliminate the need for OTPs the next time a customer places an order. The face recognition data in the system will authenticate them, thereby not requiring an OTP instead. Apparently, the OTP system tends to have an issue at times, and OTPs don’t reach customers at times. Well, would you really believe that Chaayos, which can implement facial recognition, cannot handle OTPs without tripping over their own feet?
This does pose a few questions.
Why does Chaayos need to capture a customer’s face recognition data? One would believe most customers did not have any issues with sharing their mobile number for OTPs, but isn’t this a bit of an overreach? Secondly, why is there no clear communication or messaging displayed inside the store or on the tablet that a customer’s facial data is being captured at the time of placing the order? And the biggest worry is the complete lack of consent and guidelines—the way this has been done gives the perception that capturing facial data seems to be a right that companies have, and the person whose facial data is being captured has no choice. That is not how it is, and certainly not how it should be.
Wait, there is more.
Why does the system capture the image in a hurry (which some would surely term as sneaky) and not allow the user to tap on a capture button or some such option, so they know what image they are sharing? A lot of business complexes also have similar check-in system, but a user knows that explicitly beforehand. How do we know that this tablet isn’t already capturing photos or recording a video of the person placing the order, even before they press start on the tablet?
That’s not all.
While there seem to be no guidelines about the face capture system, and no mention of it or any consent, one must surely also worry about the safety of the data that is being collected hook or by crook. The lack of transparency means there are no details on who can access the data that Chaayos is collecting. Where is it being stored? How secure is this data? What are the safeguards in place to ensure this data isn’t compromised? Can a customer choose to have this data deleted if they wish to?
Since the name and contact number of the user are now linked with their face data, how does it help Chaayos? And one really cannot help but ask, will this data be sold to the highest bidder at some point?
As a customer, you probably need to appreciate that your biometric data, such as your face and fingerprints are permanent. And there is a significantly greater risk if these were to be misused. Unlike a password or pin that you can change.
There are significant privacy issues at play here. And no clear answers for any of the questions just yet. We have reached out to Chaayos to understand why the facial data collection is happening as well as the consent, privacy and data security concerns and we shall update you once we hear back.
Some users are also reporting that they are being forced to sign-up for facial recognition at Chaayos stores. “Love your chai @Chaayos but bring back the phone number authentication. Facial recognition is eerie & disturbing & should be opt-in. The cashier at SDA refused to let me use my existing @Chaayos wallet balance unless I register my face. #chaiSurvelliance #dystopian,” writes Twitter user @ankitmalik.
It goes without saying that the lack of any concrete rules in India that dictate facial data collection does not make it a free-for-all system. Corporates really need to look at the risks as well, and not just pursue the implementation of technology as they may deem fit. Responsibility is what customers would appreciate, surely.