Security at Taylor Swift’s Rose Bowl show in May reportedly used facial recognition technology to monitor the crowd for the singer’s known stalkers. According to Rolling Stone, a screen playing rehearsal clips had a facial recognition camera surreptitiously embedded to record concertgoers who were watching the footage. “Everybody who went by would stop and stare at it, and the software would start working,” Mike Downing, the chief security officer of Oak View Group, told the magazine.
A command post in Nashville, almost 2,000 miles away from the venue, then cross-referenced the recorded images with a database of more than 100 people who had previously stalked Swift. It’s unclear who made this list or what the criteria was for being added, but a number of people have been arrested over the years for allegedly stalking or threatening the singer, including breaking into her home.
The details surrounding the company that developed the technology or how it’s being used at concerts are scant. However, this case is part of a growing trend of venues around the world using facial recognition technology. The Wall Street Journal reported this spring that police in China had arrested three fugitives at performances by Hong Kong pop star Jacky Cheung after using the technology to scan crowds of as many as 60,000 concertgoers. Concert venues in Japan have also been using facial recognition for security since 2014.
Advocacy groups are concerned about the little that we do know about the use of the technology at the Swift concert. “Companies have a responsibility to respect human rights, and they need to make sure any monitoring that they do is really limited to what is strictly necessary to achieve a legitimate aim,” says Sarah St. Vincent, a researcher and advocate for Human Rights Watch. “If this company is learning that this person is attending a Taylor Swift concert and maybe stood next to certain other people or went to the bar to get a drink or engaged in other things, that’s data that’s valuable for them to sell.” This makes it all the more important, argues St. Vincent, for companies to notify people when facial recognition is in use and give them the chance to opt out.
There are few states in the U.S. that have laws regulating biometric authentication, particularly when it comes to private businesses like most concert venues. “It’s kind of a Wild West out there right now,” says Jay Stanley, a senior policy analyst with the ACLU’s Speech, Privacy, and Technology Project. “As long as it’s private property, they can take your image and do whatever analytics they want with it, including facial recognition.” Therefore, companies do not necessarily need to inform and obtain consent from people to use the technology, delete the biometric data they collect within a certain amount of time, or implement other limits.
Potential uses of the technology are growing, too. Venues are looking to use facial recognition not only for security purposes, but also for convenience. Ticketmaster recently invested in a facial recognition startup called Blink Identity, hoping to use the technology to register ticketholders more efficiently when they walk through turnstiles at events.
However, even this seemingly benign application may have unintended consequences, especially because facial recognition is notoriously inaccurate when it comes to identifying people of color. “I don’t think someone running a concert wants to set up a system that starts flagging people because they’re a racial minority,” says Jake Laperruque, who serves as senior counsel at the Constitution Project. “We see a lot of times that new shiny toys just get grabbed without due diligence and vetting for whether they’re effective or not.”