The following article first appeared on The Record on December 8, 2025.
Security experts from the University of Waterloo and Toronto Metropolitan University and cybersecurity firm Surfshark raise concerns about the security and safety hazards of having billboard ads that can scan faces.
Billboard advertisements like ones inside Toronto’s Union Station aren’t just ads, some are equipped with recording cameras with the capability to detect your face, too, raising concerns about the dangers of facial detection technology.
Now, the Privacy Commissioner of Canada, Philippe Dufresne has opened an investigation into privacy concerns related to digital signs.
“The investigation will examine whether the technology is being used in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s federal private-sector privacy law,” a representative from the Office of the Privacy Commissioner told Metroland Media.
“As this matter involves an active investigation, the Office of the Privacy Commissioner of Canada is not in a position to provide further details at this time.”
Toronto billboard ads’ face detection cameras draw outrage
Early this month, a post on Reddit drew outrage after the poster raised concerns about some billboards near the Union Station Bus Terminal. The billboards, the poster said, have been scanning people’s faces using an embedded camera.
The Toronto Star reached out to a representative from the software company who explained that the cameras use “facial detection” for audience demographic estimation only and not “facial recognition” technology. “No data unique to an individual is ever generated,” and no biometric information is extracted by the video sensors, the company explained.
A representative for the company also told the Star, the team consulted the Office of the Privacy Commissioner of Canada (OPC) and that the company adheres to the OPC’s guidance.
However, experts are not convinced.
Ontario experts raise alarms over dangers of facial detection technology
Charles Finlay, founding executive director of the Rogers Cybersecure Catalyst at the Toronto Metropolitan University, said capturing biometric data opens it to misuse.
“Although signage operators claim they won’t be storing identifiable images and the data is only available for milliseconds, we are still placing a lot of trust in their word. That is where the risk begins,” he told Metroland Media.
Capturing data like people’s images, age or gender without explicit consent opens the door to misuse and issues of transparency about what is collected, how it’s stored, who can access it, and for how long, he explained.
Interconnected devices and systems like these digital billboards, may have vulnerabilities that cybercriminals can exploit to intercept, monitor, and use the data these collect regardless of the company’s original intention, he warned.
Like Finlay, Diogo Barradas, associate director for the Cybersecurity and Privacy Institute at the University of Waterloo, was concerned about this practice.
Barradas, whose expertise focuses on network security and privacy and digital forensics, said these types of billboards could be repurposed for large scale video monitoring. Imagery collected could potentially be upgraded to go beyond demographic identification to eventually identify individuals.
Billboards can be hijacked by cybercriminals
More alarming is the possibility of cybercriminals hijacking the kiosk’s cameras and its storage components for more nefarious intents, he warned.
“Unfortunately, experience has told us in the past, (that) many ill-configured IoT/camera devices have fallen prey to hackers and can be found using Shodan, a search engine designed for finding multiple network-connected devices.”
Even without storing the video, digital logs of faces and metadata like time stamps could facilitate matching the same individual across different services, creating an “economy of sorts.”
Cybercriminals can also potentially exfiltrate the video footage and process it in a way that’s different from what the company intended. For instance, extracted videos can be used to create digital doppelgangers of the person.
What is a digital doppelganger?
A digital doppelganger is an AI-generated version of a person designed to mimic speech, appearance, and behaviours.
Barradas said, if these billboards get compromised, “the face of some bystander in front of the kiosk could later be used to produce deepfake imagery.”
This deepfake image can then be used to fabricate videos of the person to show them committing a crime or placing them in some uncomfortable setting.
“Complete transparency about the algorithms that are running inside the billboards would go a long way for minimizing these concerns,” he said.
Tomas Stamulis, chief security officer for cybersecurity company Surfshark, believes people captured in these short clips can be re-identified and images captured pose a security hazard.
Systems like these, he explained, capture short videos, extract facial embeddings or other biometric features and can tie these with other data sources like payment history or loyalty programs. “That correlation can quickly turn ‘anonymous’ into re-identifiable,” he said.
It’s a security and privacy hazard
The risk isn’t only the capturing of images but there’s also the issue of unclear data flow. Without meaningful opt-in/opt-out and disclosure of where recordings and derived biometrics go, a sensitive, high-value data set that is moved across vendors is created, posing a security and privacy hazard due to unclear controls, he explained.
“Even if today’s setup claims to meet privacy standards, policies or system configurations can change, and breaches or insider misuse can occur without anyone noticing,” Stamulis warned.
“Scanning faces in public spaces — especially without explicit consent — should be treated as a material privacy risk with a high likelihood of abuse.”
The rise of digital doppelgangers weaponized against you
Data from a recent study by Surfshark found that Canada ranks sixth in the world in terms of leaked biometric data, including Canadians’ eye and hair colour, weight, height, and even shoe size.
Along with login credentials, exposed biological identifiers “paint a disturbingly complete picture that enables account takeovers, very personalized and sophisticated identity theft, financial loss, and fraud schemes,” the company said in a news release sharing the findings.
“We have entered an era where your digital self can be weaponized against you in frighteningly realistic ways,” said Sarunas Sereika, senior product manager at Surfshark.
Leaked data about a person’s biometrics enable cybercriminals to create digital doppelgangers or fake digital profiles with real-world characteristics.
“While you can change your password or username, changing identifying features such as height or eye colour is not feasible,” the company said, adding this type of leaked information adds a disturbing layer of physical reality to a digital identity, equipping fraudsters with details that can make impersonation and exploitation attempts far more sinister.