Retail Loss Prevention and In-Store Privacy: A Guide
In recent years, Canada has experienced a concerning surge in shoplifting incidents, a trend potentially exacerbated by economic factors such as inflation. As the guardians of a retailer's assets, loss prevention personnel find themselves on the frontline in addressing this growing challenge. However, in the pursuit of securing business interests, it is imperative to recognize the delicate dance between protecting assets and upholding privacy rights.
Often overlooked, the collection of personal information is an inherent part of loss prevention practices. In an era where technology has revolutionized surveillance tools, the extent of data collection has reached unprecedented levels, encompassing not only basic details but also sensitive personal information and even biometric data. The potential for unintended privacy breaches intensifies with the leverage of advanced technologies, making it imperative for loss prevention personnel to be well-versed in privacy and ethical data collection, use and disclosure practices. While the primary mandate of loss prevention is to curb theft, fraud, harassment, assault and vandalism, the significance of integrating privacy compliance efforts into these strategies cannot be overstated.
The Loss Prevention and In-Store Privacy Guide aims to shed light on the evolving landscape in which loss prevention and shopper privacy are two realms that are not mutually exclusive, emphasizing the need for a comprehensive approach that not only safeguards a retailer's bottom line but also aligns with privacy legislation. This Guide also explores best practices, legal considerations, and innovative approaches that empower loss prevention personnel to navigate this complex landscape effectively, fostering a secure and privacy-respecting retail environment. Various topics are considered in the Guide, including:
The legal test for the collection, use and disclosure of personal information for the purpose of loss prevention
When and how to seek consent, as well as when consent is not necessary
Security considerations including who has access to personal information
When you can disclosure personal information such as to law enforcement, a loss prevention network, or internal stakeholders
How long to retain data collected for the purpose of loss prevention
Employee considerations when surveilling staff
The use and prohibited use of facial recognition technology
Finally, the Guide outlines how to best work with your Privacy Officer to meet your loss prevention goals while still acting responsibly and reducing unintentional privacy breaches that can put the business at significant risk, including hefty fines, class-action lawsuits, business disruption, and reputational harm.