Grab a cart, step through the automatic doors of a Bay Area Grocery Outlet, and a small sign informs you that “Face Matching software” is in use. Before anyone has touched a single avocado, a camera has already captured their face and run it against a database. At least four San Francisco locations — Mission, Portola, Bayview, and Richmond District — have posted these notices, according to Mission Local. The system is called SAFR Guard, and it scans every person who enters. Not just suspected shoplifters. Everyone.
How the System Actually Works
SAFR Guard checks your face against a store-built watchlist, then supposedly deletes the data — unless you’re flagged.
Cameras at store entrances capture facial data and compare it against a retailer-created watchlist of suspected shoplifters. No match? SAFR says your data is deleted immediately. A match triggers an alert to store employees. According to SAFR’s privacy policy, the system is not connected to law enforcement and has never shared shopper data with government agencies, including ICE.
The gap between SAFR’s claims and critics’ concerns is wide enough to drive a shopping cart through. Key points of contention include:
- SAFR says non-matched faces are deleted instantly, but critics point out the biometric scan still happens to every single person who walks in.
- The company says it has no law enforcement connection, yet critics warn the same infrastructure could be repurposed later — for worker surveillance, broader shopper tracking, or purposes nobody has publicly announced yet.
- Retailers also build their own watchlists with no independent oversight of who ends up on one.
- California law requires notice and an opt-out path, but for discount shoppers with no affordable alternative nearby, that opt-out is a hollow phrase.
- The FTC’s 2023 action against Rite Aid underscored the stakes: false identifications disproportionately affected women and people of color.
“A dragnet that scans everyone,” is how EFF’s Mario Trujillo described it…