Pub scanners raise privacy concerns
14 September 2013
Lucy Carroll, reporter Fairfax digital media
More than 50 pubs and clubs – including Marquee, the Ivy and the Coogee Bay Hotel – have already introduced ID scanners, many of which take photos of patrons on entry.
But the use of scanning devices – installed to stop alcohol-related violence – are putting people at risk, says Bill Rowlings, head of Civil Liberties Australia.
”There must be signs at entrances that clearly establish what will happen to your information and how the photos will be treated,” he said.
Under the Privacy Act, pubs and clubs must comply with national privacy principles – rules that restrict how businesses handle personal information.
”Pubs should only be taking ID from people if it’s absolutely necessary,” he said.
He said that patrons who hand over licence details and have their photos taken are effectively ”trusting” bouncers and hotel staff with personal information.
ID scanning company Scannet gives venues the rights to their own databases, and supplies machines that take “real-time” photos of patrons which are then stored for up to 28 days.
Hotel operators have the ”option to activate” the camera setting, said Scannet’s director Joel Sheehan.
”Photos on drivers’ licences are often five or 10 years old,” he says. ”If you take an updated photo of someone you can cross match it to the CCTV footage if you’re trying to find them.”
At the Star’s Marquee nightclub, ID scanners have been in use on Friday and Saturday nights since March last year.
Photographs of patrons and licence details are stored on an internal database and are kept on file for up to 28 days, unless a patron is ”flagged” as a security risk.
”Customers are aware that if they do the wrong thing they can be traced back to their entry and identified,” says a spokesperson at the Star.
Taking photos is a ”far better option” than relying on ID only, said a spokesperson for the Australian Hotels Association.
But the AHA said the photographs, like the information recorded, should be ”stored off-site in accordance with the Privacy Commissioner’s guidelines immediately after a person is scanned into a premise”.
QikID, a start-up scanning system used by Coogee Bay Hotel and Slip Inn, manages databases from a central service so no data is held at the venues.
”As a general rule all information is kept for 30 days unless the patron is added to a banned or a watch-list,” said QikID’s chief executive, Paul McGrath.
But Mr Rowlings said keeping photos and information for up to month was unnecessary.
”What these clubs are doing is assuming everyone is guilty. And you have to prove your innocence by not doing anything at all that conflicts with their rules,” he said.