Use of ‘concealment detection technology’ in retail stores
Further guidance on the use of 'concealment detection technology’ to keep in mind if you are seeking to invest and implement across your stores.
A successful trial carried out by Sainsbury’s in 2020 of ‘concealment detection technology’ (“CDT”) has paved the way for a rollout across all major retailers.
The technology, hailed as the latest weapon in the battle against shoplifting, works by using machine learning (AI) to recognise and report suspicious behaviour noted on CCTV feeds within the store. CDT can detect when an item has been placed in a pocket or under a coat. Security staff are then alerted via an app, and shown a four-second video of the theft, with the culprit highlighted in a red box.
ThirdEye, the London based company behind the technology, reported that 50% of thefts had been prevented during the trial. Whilst this all sounds very positive, and an investment that will surely pay for itself, there could potentially be some legal implications.
Retailers already need to utilise CCTV systems carefully to comply with the Data Protection Act 2018 including:
- Having clear and prominent signage regarding the use of CCTV
- Secure storage of CCTV images, retained only for so long as is necessary
- Regular Privacy Impact Assessments (PIA) to demonstrate the use of CCTV is justified and proportionate
As the introduction and use of CDT represents a change in the way CCTV images are stored and processed, retailers who are considering using CDT should carry out a new PIA, or update their existing PIA to cover the specific aspects and implications of this technology.
As CDT operates by sending CCTV images to the mobile devices of security staff via an app, retailers should work with any third party company which operates such software to ensure that any captured images are also stored securely within the app itself, and are not retained for longer than necessary.
Whilst the software operator will be considered to be a ‘data controller’ by virtue of controlling the app within which personal data is processed and stored (no matter how briefly), it is possible to have more than one data controller, and the retailer could also be processing the same data via controlling the app and any mobile devices held by their staff.
In addition to considering DPA issues, retailers may need to give consideration to the accuracy of the technology and the implications that may come from detaining a significantly higher number of suspected shoplifters.
Detaining a customer who proves to be innocent could potentially give rise to a claim for false imprisonment. If a security guard uses force to detain a customer who refuses to stop and tries to walk away, a claim for assault could also be made. If the incident occurs in front of other members of the public, which is likely, it is even possible that an associated personal injury claim for psychiatric injury could be made, due to the distress and humiliation suffered.
Unlike police officers (who have specific powers to stop and detain members of the public provided they have a ‘reasonable suspicion’ that an offence has been committed) a private security guard has no more legal powers than any other member of the public. They have no power to stop and detain a customer unless carrying out a citizen’s arrest. For a citizen’s arrest to be lawful, clear evidence of the offence is required — the customer needs to essentially be caught in the act with a stolen item(s) about their person.
Whilst the theft of any items worth less than £200 is now classified as ‘low-value shoplifting’, which is a summary only offence (s22A Magistrates’ Court Act 1980), section 176(6) of the Anti-Social Behaviour, Crime and Policing Act 2014 preserves the power to carry out a Citizen’s Arrest for low-value shoplifting. Ordinarily, a citizen’s arrest can only be lawfully carried out for an indictable offence (section 24A of the Police and Criminal Evidence Act 1984).
If the security guard gets it wrong and detains someone who is innocent, that person will have a prima facie case for false imprisonment, regardless of how long the detention lasts. ‘Detention’ in the context of the tort of false imprisonment does not necessarily mean the use of physical force to detain a person — the use of words to assert authority, in order to convince a customer they are not allowed to leave the store or confining them in a corner without actually touching them, could still constitute detention.
The risks discussed above will not be new to retailers. However, the use of CDT could lead to a significant increase in these risks, which should be considered alongside the benefits that CDT may bring in terms of theft prevention.
Providing training and guidance to employed security staff regarding the use of the app (or vetting private security contractors to ensure they do so), in particular about how to analyse and act upon the different images they receive, is likely to be important. Any less clear images of suspected shoplifting that are captured should be treated with caution. What if, for example, the software analyses the CCTV images of a person reaching inside their jacket, and flags this as theft, when the customer was simply reaching for their wallet or phone? Does the image clearly show an item being placed inside the jacket or pocket?
There could also be an added risk once the technology becomes widespread, and the public become aware of its use and the implications. It has not been unknown for customers to deliberately ‘goad’ retail staff and security into stopping them and accusing them of theft, as a route to pursuing a claim for compensation. They could, for example, try to deceive the technology by reaching into their clothing hoping to then be stopped.
The benefits of CDT may well prove to outweigh any risks, but retailers may wish to keep the above in mind if they are seeking to invest and implement it across their stores.
We offer a comprehensive suite of legal services to retailers. Find out more about our services in retail law.