Is facial recognition technology coming to a club near you?
UK venues are starting to use facial recognition technologies as part of the entry process. But who stores and profits from your data? And could the UK government work with private companies to make it more common? Simon Doherty investigates
When you approach the doors of a club, a number of things can happen. Exactly what depends on the club, the party, and even the location. If you’re clearly old enough, often you’ll just walk in. But other times, you might need to show a security guard your ID, or have a chat with a member of door staff, to see if your vibe is right for the party. You might be searched, asked to produce a membership card, or be questioned about how much you’ve had to drink.
In recent years, a new element of the club entry process has emerged: you might have your ID scanned or picture taken, possibly using one of these machines. Increasingly, council licencing committees in London are forcing this technology on clubs using a carrot-and-stick approach, even refusing late licences to clubs if they push back against it.
Stuart Glen, co-founder of Tottenham’s The Cause, tells DJ Mag that despite never having had a violent incident at the club, they agreed to have the ID scanners “to get our licence granted. We didn’t really want to do it. It’s not something that we really agree with, in terms of people’s privacy. I appreciate the safety angle of it all,” he continues, “but the council insisted on it. It’s pretty rare to get a late licence.”
We contacted Haringey council, who confirmed that the ID scanners were a condition of The Cause’s late license approval. Both parties argued that the data — a picture of you on the night, and an image of your ID — is kept internally for 30 days, and can only be accessed by the police if an incident takes place. These are the same conditions that were imposed upon Fabric, after their high-profile 2016 battle to re-open.
Although this technology is not currently in widespread use, that could be about to change. Facial recognition entry systems are being installed in bars and clubs across the UK — and, if big technology companies get their way, it’s going to become the norm.
Yoti (Your Own Trusted Identity) is a London-based start-up that has created what they call a ‘digital ID solution’, by using facial recognition as a form of ID and proof of ticket purchase. Launched in 2011, and now valued at £82 million, the Yoti app has been downloaded by 4.7 million people globally.
At the moment, it’s most commonly used in the public, travel, and retail sectors. They’ve established a partnership with Heathrow Airport “to explore biometric travel for passengers.” They also work with NCR Corporation, who make self-service kiosks in supermarkets, and social media app Yubo, who are using their technology to “safeguard” young people online. Last year, the Government of Jersey chose them as its digital identity provider. This, they claim, has resulted in 10% of Jersey’s adult population becoming their customers.
Now, they are attempting to revolutionise the night time economy. A festival in Jersey, The Weekender, is using the app for alcohol sales. Five bars and clubs in Bournemouth — Cameo, Halo, Truth, Yates, and Walkabout — now accept Yoti.
The Yoti offering to the UK club-goer is essentially a more streamlined system of getting in. For the venue, it can mean less blaggers (who are either too young, have no ticket, or have been booted out before), and an opportunity, if the user consents, to collect data on their customers for marketing purposes. The vision for the start-up is that once everyone has their Yoti digital ID, they’ll use it for everything you need ID for, not just getting into a club — to go through airports, for government checks, to buy alcohol, tobacco, and energy drinks, and so on.
It all sounds a bit 1984, right? We spoke to John Abbott, Chief Business Officer of Yoti, in an attempt to glean some more information about how this technology works and, more to the point, what is happening to all that data.
Abbott talked us through the sign-up process. “You create your Yoti ID wallet, and we allow you to take your selfie then we scan your ID. We do some very stringent checks on that in terms of the authenticity of the document, making sure that you’re not a fraudster.” Then what happens? “Once you’ve got that, you very simply share what that business wants to receive. In the nightclub case, they may want to receive the fact that you’ve purchased a ticket and that you are over 18. It’s a quick reshare, if you like, of that data. A very slimmed down version of the driver’s licence.”
So, when I arrive at the club, would I just show my phone or look into a camera? “We can do two options,” Abbott says. “The most preferred option is just scanning a QR code. In some of those cases you could enable in a venue, if the user consented, to use that as a facial entry. It is similar to some of our airport solutions.” Is the data shared with any third parties? “The main thing that we want to avoid is the collection of lots of data in one place,” he asserts. “So we ensure that you, the individual, hold the keys to your data. And only you: We don’t hold a copy so we can’t give them away to anyone else.
“Your encrypted data points — your first name, your last name, your date of birth, your face — are all separately encrypted, only coming back to your key to unlock those,” he continues. “Not even Yoti could get into your data even if we tried.” Could it end up on any government databases? “No, absolutely not. From a consumer perspective, the last thing they want with securing their IDs is to know that the government is tracking their information. Regardless of your government’s intentions or otherwise, it comes back to consent – of what they shared the data for.”
What would happen if I just borrowed someone’s phone and took it to the door staff? That seems like a plausible abuse of the system. “Your document image and details are matched to your facial biometrics,” a spokesperson for Yoti told DJ Mag, in a follow-up email. “Another person trying to add a different face to a verified Yoti would get rejected by our systems, which are a combination of NIST (National Institute of Standards and Technology) approved facial recognition software and a trained team of super recognisers in a cleanroom environment.” They continued: “If security staff had any doubts if the person had swapped phones, they could ask them to update their core Yoti picture and they would be rejected on the spot.”
What do everyday clubbers think about all this? Charlie is a painter who goes clubbing regularly. He says that he thinks it would “be weird” to have to use facial recognition to get into a club, but it wouldn’t stop him from going out. “It would be kind of convenient if you’d forgotten your ID, but it would be morally fucked up,” he says. “I wouldn’t like the feeling it would give me.” Charlotte, who works in a bar and goes out every so often, would not be up for it at all. “It’s a bit Big Brother,” she worries. “I’d be scared that, all of a sudden, every camera everywhere would recognise my face. Not that I’m a criminal or anything — it’s just part of my privacy.” She said it would “probably” stop her going into a club.
Matt is a web developer. He’d go into a club with facial recognition, but under duress. “My worry is about ending up on some kind of centralised database, but I would go in only for the reason that I think they [the government] have already got my face. I’m sure they’re already employing this technology. The marketing stuff worries me, too, I would opt out; I wouldn’t want them to make money [from my data].”
The Deltic Group owns all of the venues that are currently using this technology. It’s Britain’s biggest nightclub chain and, interestingly, business partners with Yoti. DJ Mag has learned that another 30 venues, all owned by The Deltic Group, have Yoti’s technology installed ready to use, but are not using it yet. They’re waiting for the local councils respective licensing committees to decide whether or not it’s a legal form of ID. The creators of Yoti also told DJ Mag that they are also about to put on a string of student nights across the country, where entry will be granted with the app.
The Deltic Group owns UK brands such as PRYZM, eden, ATIK, and Bar&Beyond. These are commercial or student-focused clubs. Whilst facial recognition technology hasn’t permeated underground club culture, it arguably sets a dangerous precedent. Smaller, underground clubs, with limited funds and influence — and often queer audiences, who typically demand privacy — have to strictly adhere to the rules set by local councils and licensing committees in order to stay open. It’s these clubs that would suffer if this technology was to become the norm.
Yoti is built in a way that means it can’t track its users, or financially benefit from the data it stores. But they are partnered with The Deltic Group, whose marketing director, Tim Howard, confirmed to DJ Mag that they do plan to use clubbers’ data, if they consent, in order to sell more tickets and drinks, and maximise their profits.
“We do that already anyway,” he says. “Our data, and our understanding of data, is incredibly important to be successful in business now. You have to know what your customers do and what they want to do. This is all opt-in. If you pre-book, we know your frequency of visit. If you buy a booth with a bottle of vodka and we know you come [to the club] every three or four months, and you’ve given us permission [to use your data], we’ll probably call you after two months and book you in for your visit in two months’ time.”
How does that work exactly? “The customer has to give us the data to say that they are over 18-years-old to come in,” Howard says, “and at the same time, the doorman may say, ‘would you like to receive any…?’ Or you might have a poster up, or whatever it is. If so, [the customer will] press the ‘permissions’ button. That will update and send that person to our database.” Howard recently presented to a Home Office committee on “why we need” facial recognition in nightclubs, and urged them to update legislation accordingly.
We asked if clubbers could give informed consent for their personal data to be collected if they had consumed alcohol or other drugs while doing so. “Erm, yeah, they could probably do it if they were a three-year-old child,” Howard remarks flippantly. Will The Deltic Group sell this data on to third parties? “We don’t do that,” he claimed. “Our data is for our business.” Could the data find its way onto any government databases? “Not that I’m aware of. The police certainly walk away from the ID scan capability and Yoti doesn’t hold the data, the customer does.”
Meggie, a musician, is not keen on the idea of all this. “Theoretically, no, I wouldn’t go in [to a club] if there was facial recognition software,” she tells me. “But I can imagine a scenario where I would: If I just found out at that moment, I was with people who were all going in and we’d travelled to get there.” A designer called Erin, on the other hand, said that it wouldn’t bother her at all. “I feel that everyone has my data anyway,” she says. “And I’m really not that interesting, so if they’re collecting my data that’s fine by me.”
Josh, a photographer, on the other hand, does care about his data being used. “I would want to know where the data is going,” he explains. “But at the same time, if it got to the point of being at a club, I would probably be too intoxicated and not aware of my situation to properly consent to any of it.”
As far as Howard is concerned, “the goodies will think it’s a great idea as they’ll get a more personalised service, and the baddies won’t like it because they will be banned.” The good guy/bad guy argument, also used by Yoti during our interviews, however, is a reductive one; if someone doesn’t want their nightly activities to leave a digital paper trail, are they ‘a bad guy’? What happens if they’re just a private person?
For a culture that was founded nearly four decades ago on the values of expression, escapism, and freedom, that wouldn’t just be ironic and depressing — it would directly undermine those values. What would be even more disheartening would be if The Deltic Group, who have serious vested interests in the widespread use of this technology, managed to successfully lobby the UK government into making facial recognition software compulsory in clubs.
A key element of a good club is a quality security team. Good door selection can’t be done by technology because it isn’t advanced enough to appreciate the cultural or sociological context of a party, and who it’s been put on for. It might work in airports or supermarkets, but it doesn’t extend to club culture.
The argument to have facial recognition in clubs is as much about monetising your data as it is about making the entry process more streamlined and improving safety. Arguably, this isn’t about security at all, it’s just big business. It might be fine for your mainstream super clubs, but it could be really damaging for independent, underground scenes. The corporate encroachment of underground clubbing culture should be resisted.
Copyright Thrust Publishing Ltd. Permission to use quotations from this article is granted subject to appropriate credit being given to www.djmag.com as the source.