765
Why the hell does a vending machine need a facial recognition camera to "activate the purchasing interface"?
There should just be a set of buttons to select what you want and a window so you can see what items are available.
Stanley sounded alarm after consulting Invenda sales brochures that promised "the machines are capable of sending estimated ages and genders" of every person who used the machines without ever requesting consent.
So they can sell it.
Yup it's for "advertising" say for example the Army wants to know which areas have the most fighting aged men. So posters and recruiters know where to hang out. (this is the most extreme example.)
load more comments
(1 replies)
I saw some posts about a similar technology in the meetings and events industry: a company is selling "facial analysis" not "facial recognition." They try to get around privacy laws by saying "well our technology does scan every single face it sees, but it doesn't store that image, it just determines age, gender, race and emotional sentiment and adjusts tallies for those categories in a database."
It's still information gathering I didn't consent to while attending a conference, and it's a camera with the potential to be hacked.
Of course it's always about marketing and advertising. They want to have a heat map of which areas are popular and at what times. In the case of events so they can sell to sponsors and exhibitors. In this university it's less clear. Do the vending machines have a space to sell ads? That would be my guess.
Because people are dumb. If the machine knows when someone is looking at it, it can stop doing whatever it does to try and get your attention, and put itself in “sales mode”.
Still, you’re right. It seems like an overly complicated and expensive solution. Old-fashioned vending machines did the job just fine.
why do people think it's okay to do this shit? if you're coding facial recognition for a vending machine, that's like 80 steps too far down the capitalism ladder
if you took this machine back to the 1920s and told people what it was doing, they'd shoot at it. and probably you
80 steps too far down the capitalism ladder
This is the result of capitalism - corporations (aka the rich selfish assholes running them) will always attempt to do horrible things to earn more money, so long as they can get away with it, and only perhaps pay relatively small fines. The people who did this face no jailtime, face no real consequences - this is what unregulated capitalism brings. Corporations should not have rights or protect the people who run them - the people who run them need to face prison and personal consequences. (edited for spelling and missing word)
In the article is a sound explanation: the machine is activated by detecting a human face looking at the display.
If this face recognition software only decides "face" or "not face" and does not store any data, I'm pretty sure this setup will be compatible with any data protection law.
OTOH they claim that these machines provide statistics about age and gender of customers. So they are obviously recognising more than just "face yes". Still – if the data stored is just a statistics on age and gender and no personalised data, I'm pretty sure it still complies even with 1920s data protection habits.
I'm pretty sure that this would be GDPR conform, too, as long as the customer is informed, e.g. by including this info in the terms of service.
If I need to accept a TOS to use a vending machine, I don’t need to use that vending machine.
load more comments
(2 replies)
The students should get together and jack the machine away into their hacking club and do some reverse engineering, so that we get more information on how the data collection worked as opposed to just trusting the company's statements. If a hacking group like the German Chaos Computer Club got behind this, they could release their findings while keeping the perpetrators anonymous. However, I’m pretty sure the machine is just a frontend to a server, which got shut down as soon as the students complained, with no GDPR-like checkout being available in the jurisdiction.
When you start tinkering with a machine learning model of any kind, you’re probably going to find some interesting edge cases the model can’t handle correctly. Maybe there’s a specific face that has an unexpected effect on the device. What if you could find a way to cheese a discount out of it or something?
Imagine a racist vending machine. The face recognition system think this customer is black with 81% confidence. Let's increase the price of grape soda! Oh look, a 32 year old white woman (79% confidence). Better raise the price of diet coke!
load more comments
(4 replies)
load more comments
(6 replies)
After that, set the thing on fire and throw it in the manufacturers office
“Where Cadillac Fairview was ultimately forced to delete the entire database, “
LOL yeah right.
“OK BUBBA! WE DONE DEE-LEETED THE ENTIRE THANG!!”
Bollocks.
They probably gave the ‘enforcement’ agency a blank hard drive and said “Well, gee, shucks. That’s all we had!”
Why are you caricaturing Canadians as Hillbillies? They didn't even apologize once, this is totally unbelievable.
load more comments
(2 replies)
I love how vending machines run windows now
Tons of Point of Sale terminals run Windows instead of Linux for some reason, probably because the software they run is only written for Windows.
Makes sense, but a vending machine shouldn't need a fully fledged OS in the first place imo
I don't get it either. What do vending machines need to be computerized for at all? What was wrong with the old kind that was around for decades where you put your money in, pushed a button, and stuff came out? I certainly can't think of a reason for a vending machine to have a camera. That's nuts.
It's 2024, most people don't carry cash, and the whole world runs on automation. These kinds of vending machines are completely over the top, but it's actually a pretty bad idea to not use computers for this application. Just knowing when machines need to be refilled remotely saves more money than such an implementation would cost.
load more comments
(7 replies)
load more comments
(8 replies)
load more comments
(3 replies)
Just imagine the license fees.
That's why the need facial recognition, to sell the data to pay for licensing fees.
load more comments
(3 replies)
"facial recognition exe" doesn't say anything about a "face image database" as this post title claims.
To the people that allowed that gross invasion to happen:
Oopsie woopsie, diddums make a widdle fucky wucky? Yes you did. Yes you did.
Then do what you'd do to any other child: take away the toy they misbehaved with.
Hmm.... facial recognition vending machine huh....
Finally it's time for my jammer & some script from c/netsec to shine
I'd doubt it's collecting or transmitting much. It's probably just estimating age, sex, race etc. and using it to decide which promotion to put on screen. It's possibly collecting these to determine what type of people use the machine. Similar to those billboards in shopping centres.
Storing each individual to recognize later or identify online seems like a stretch.
If it did have a user bio database, it would be centralised and not on the machine itself.
Still not ok.
The first question that came to my mind was - A M&M vending machine?. The the actual fuck society
I’ll play devil’s advocate. The machine recorded estimated age and gender. Assuming it tracked statistics and didn’t store images, what is the real harm? Future candy will have different designs after they found most users were 70yr old grandpas?
It is anonymized PII data collected without explicit consent, sure, but don’t blow it out of proportion. There is no big surveillance state plot here (yet), just an overzealous marketing team.
Not everybody who approaches the machine or walks past it is really consenting to their appearance being logged and analysed though - not to mention that "we don't store data" is only true if the security is effective and no exploits manage to weaponise the camera now staring back at you as you try to make a purchase.
Ultimately vending machines are completely passive sales anyway, the collection of demographic data about who is buying from the machine are a little useless because it's not like the machine can work on its closing techniques for coin based candy sales.
If you don't have access to the source code then you don't know what it's doing. If there's economic incentives to take my picture and tie my face to my name then I'm going to assume "trust us, it's anonymous" means "we buy and sell your data" (at least).
If you'll grant there are people in power who would want a surveillance state and businesses routinely sell data to governments then you don't get to dismiss this out of hand. We have to draw the line somewhere, even if marketing people with a stalker mentally don't see the line.
This is the best summary I could come up with:
The Reddit post sparked an investigation from a fourth-year student named River Stanley, who was writing for a university publication called MathNEWS.
Where Cadillac Fairview was ultimately forced to delete the entire database, Stanley wrote that consequences for collecting similarly sensitive facial recognition data without consent for Invenda clients like Mars remain unclear.
Stanley's report ended with a call for students to demand that the university "bar facial recognition vending machines from campus."
Some students claimed on Reddit that they attempted to cover the vending machine cameras while waiting for the school to respond, using gum or Post-it notes.
The technology acts as a motion sensor that detects faces, so the machine knows when to activate the purchasing interface—never taking or storing images of customers."
It was only after closing a $7 million funding round, including deals with Mars and other major clients like Coca-Cola, that Invenda could push for expansive global growth that seemingly vastly expands its smart vending machines' data collection and surveillance opportunities.
The original article contains 806 words, the summary contains 166 words. Saved 79%. I'm a bot and I'm open source!
Time to hack the vending machine snd delete all the partitions off of it and render it unusable
load more comments
(4 replies)
Those any combination coca cola machines have cameras on them.
view more: next ›
this post was submitted on 24 Feb 2024
765 points (100.0% liked)
Technology
84981 readers
2956 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS