Authors: Rishab Bailey and Vrinda Bhandari
This article was first published in Medianama on January . The views are of the individual authors.
The popular teahouse chain Chaayos has been in the news recently for using facial recognition technology (‘FRT’) at a number of its stores in Delhi and Bangalore. Chaayos uses this technology to create profiles of its customers. These profiles are then used to “remember” them on subsequent visits, enabling repeat orders and efficient payment.
It has been reported that Chaayos does not display any information about the use of the personal data (that is, the image) collected by the system, that there was no opt-out option presented to customers, and that there was no obvious way of deleting one’s data from the system.
With the tabling of the Personal Data Protection Bill, 2019 (‘Bill’), in Parliament, the use of FRT may soon be regulated. In this post, we examine how the Chaayos episode would have been treated under the draft Bill, with a view to understand how the law proposes to deal with the issue of consent and the possible penalties for breach of these provisions.
Read the full article here.