Data harvesting at the grocery store: Wegmans in NYC now scanning all customers in the name of safety
By willowt // 2026-01-06
Copy
 
  • Wegmans grocery stores in New York City have begun collecting and storing customers' biometric data, including facial scans.
  • The policy is an expansion of a 2024 pilot program that initially promised to delete shopper data.
  • A 2021 NYC law requires businesses to post signs about biometric collection, but lacks a direct enforcement mechanism.
  • The practice raises significant privacy and civil liberty concerns, particularly regarding data security and potential bias.
  • Proposed legislation to ban such collection in NYC has stalled, leaving regulatory gaps.
In the heart of New York City, a routine trip to the grocery store now involves a transaction far more personal than money for food. Wegmans, the popular supermarket chain, has quietly expanded a program to collect and store the biometric data—including facial recognition scans—of every customer who walks into its Manhattan and Brooklyn locations. This move, implemented in early 2026 under the banner of safety, marks a significant escalation in corporate surveillance and tests the limits of a city law designed to provide transparency, all while proposed bans on the practice remain stalled. The expansion highlights a growing tension between security, commerce and the fundamental right to privacy in public spaces.

From pilot to policy: The expansion of surveillance

The current program is not Wegmans' first foray into biometrics. In 2024, the company initiated a pilot, assuring the public that the system was limited to a small group of employees and that any customer data accidentally collected would be deleted. The new signage, posted in January 2026, signals a decisive shift. It makes no such promises of deletion for shoppers, instead stating broadly that the chain "collects, retains, converts, stores or shares customers’ biometric identifier information." While the company now clarifies that it only stores facial recognition data to identify individuals previously flagged for misconduct, the foundational principle has changed: entering the store means potentially submitting to a permanent, digital fingerprint of your face.

A law without teeth: NYC’s notification mandate

Wegmans’ actions bring into sharp focus the efficacy of New York City’s Biometric Identifier Information Law, which took effect in 2021. The law mandates that businesses collecting such data must post "clear and conspicuous" signs at entrances. On a technical level, Wegmans is in compliance by posting notices. However, the law's critical flaw, as confirmed by the Department of Consumer and Worker Protection, is the lack of a direct government enforcement mechanism. The onus is placed on private citizens to sue for violations—a daunting prospect for the average shopper. This structure creates a regime of disclosure without meaningful deterrence, echoing past failures where companies like Amazon allegedly ignored the posting requirement for over a year until exposed by media.

The chilling precedent of unchecked data harvesting

The historical context for concern is rich and troubling. The Wegmans expansion follows high-profile controversies that demonstrate the potential for abuse. In 2023, Madison Square Garden CEO James Dolan infamously used facial recognition to identify and bar entry to attorneys involved in litigation against his company, weaponizing biometrics for corporate retaliation. Furthermore, a 2024 Federal Trade Commission action against Rite Aid revealed its facial recognition system had falsely and disproportionately tagged people of color and women as likely shoplifters, leading to humiliation and wrongful accusations. These incidents underscore that the risks extend beyond abstract privacy: they encompass discrimination, the chilling of legal activity, and the creation of databases that could be vulnerable to hackers or, as privacy advocates warn, accessed by agencies like Immigration and Customs Enforcement (ICE).

The stalled response and a surveillance marketplace

Despite these demonstrable harms, legislative action in New York City has faltered. A bill introduced in 2023 by Councilmember Shahana Hanif, which sought to ban most private use of biometric identification, has languished. In the regulatory vacuum, a new marketplace norm is emerging. Other chains like Fairway Market and Westside Market already employ similar systems, suggesting a creeping normalization of biometric surveillance as a standard retail practice. Companies argue the technology is a necessary tool for loss prevention and safety in high-risk locations. Yet, without robust, enforceable safeguards governing data retention, sharing and algorithmic bias, the expansion transforms public accommodations into zones of passive identification, where customers trade biometric data for entry as a condition of modern commerce.

A choice at the checkout

The signage now posted at Wegmans represents more than a legal notice; it is a threshold. It asks consumers to consider what they are willing to surrender for convenience and perceived security. While the company states it understands concerns about bias and uses the technology as only one investigative lead, the history of such systems and the lack of strong oversight offer little comfort. The situation in New York City serves as a national bellwether, illustrating the rapid advancement of corporate surveillance capabilities against the slow grind of privacy law. As shoppers pass under the silent gaze of these scanners, the question remains whether transparency alone is sufficient, or if the right to move through public life without being digitally cataloged requires a more vigorous defense. The grocery aisle has become the latest frontier in the battle for personal autonomy in the digital age. Sources for this article include: 100PercentFedUp.com Gothamist.com NYPost.com
Copy