State Senator James Maroney (D-Milford) and Senate Majority Leader Bob Duff (D-Norwalk) recently announced legislation to ban facial recognition technology in Connecticut retail establishments. The proposal, slated for the 2026 legislative session, would prohibit stores from collecting and storing customers’ biometric data without consent.
The catalyst? A viral discovery that Wegmans stores in New York City were posting legally-mandated signs informing shoppers that the grocer “collects, retains, converts, stores or shares” facial recognition data, eye scans, and voiceprints. With Wegmans planning a new store in Norwalk, Connecticut lawmakers want to act before similar practices spread here.
I understand the privacy concerns. Senator Maroney is right that “biometric data cannot be changed like passwords if compromised.” And I respect his work on data privacy—his efforts on the Connecticut Data Privacy Act have earned national recognition . I spoke with Senator Maroney once—he called me after I submitted a question following an electronic town hall. We had a good conversation about EVs. When he asked where I lived, he mentioned that he ran a business in the same mixed-use building years ago. He’s thoughtful on technology issues.
But I’m skeptical about this particular policy. Here’s why.
What Retailers Are Actually Doing
The proposed ban frames facial recognition as invasive surveillance of ordinary shoppers. But major retailers aren’t scanning your face to build marketing profiles—they’re tracking organized theft rings that cost the industry billions annually .
Target operates what may be the most sophisticated retail loss prevention operation in the country. Their Minneapolis forensics lab —accredited by the American Society of Crime Laboratory Directors, putting it on par with FBI facilities—has handled over 10,000 forensic examinations. The company has used facial recognition since 2011 to identify repeat offenders across stores and state lines.
Here’s the strategy: Target deliberately allows theft to accumulate until it reaches felony thresholds. While Walmart’s loss prevention might stop someone stealing a $5 item, Target might let that person steal $5 items a hundred times—all while building a comprehensive case. When the accumulated value crosses into felony territory (ranging from $250 to $1,000 depending on the state), police are waiting at the door.
This isn’t speculation from YouTube police videos. It’s documented practice . Target’s forensics lab assists FBI, IRS, and police departments in multiple states. They’re not just protecting their own inventory—they’re helping dismantle organized crime networks.
Wegmans, for its part, says it only uses facial recognition at stores with “elevated risk” and only to identify individuals “previously flagged for misconduct.” Whether you believe that’s the full story is another matter, but the stated purpose is security, not marketing.
The Organized Retail Crime Problem
This matters because organized retail crime isn’t a theoretical concern in Connecticut—it’s an active, cross-state operation.
In September 2025, thirteen individuals were charged in a $2.2 million theft ring that targeted Home Depot locations across New York and eight other states over 13 months. The stolen goods—power tools, building supplies—were sold to “fences” who placed specific orders for items to steal.
Connecticut State Police recently arrested individuals connected to over 200 documented theft incidents across New England, totaling more than $365,000 in stolen merchandise. A federal indictment in Connecticut charged seven people in a jewelry theft ring that hit the Connecticut Post Mall in Milford—Senator Maroney’s district, and just down the street from where I live—along with locations in New Jersey, Virginia, and New York, with losses exceeding $1.28 million.
The National Retail Federation’s 2025 report found shoplifting incidents increased 19% from 2024, compounding a 26% increase the prior year. Eighty-three percent of surveyed retailers reported that aggression and violence levels are the same or higher than last year. Sixty-six percent reported transnational organized crime involvement in thefts.
These aren’t kids pocketing candy bars. These are sophisticated operations that exploit jurisdictional boundaries and policy differences.
The Unasked Question
Which brings me to the question I haven’t seen anyone ask: If Connecticut bans facial recognition in retail while neighboring states don’t, does that make us a softer target?
The U.S. Chamber of Commerce explicitly warns that “organized retail theft rings exploit local laws, intentionally stealing no more than the dollar-amount threshold to be considered felony theft.” They recommend states pass legislation to “enable the aggregation and prosecution of offenses across state lines” precisely because criminals exploit policy differences between jurisdictions.
Connecticut already has a relatively high felony theft threshold of $2,000. Add a ban on the primary technology retailers use to identify repeat offenders, and you’ve created an environment where:
- Organized theft rings can operate without being tracked across visits
- Retailers can’t build cumulative cases against repeat offenders
- The same individuals can hit multiple stores without being flagged
- Connecticut becomes measurably more attractive than New York, where facial recognition remains legal
New York is aggressively cracking down on organized retail theft . Governor Hochul’s budget now allows prosecutors to aggregate stolen goods values across stores. If New York tightens enforcement while Connecticut restricts retailers’ primary identification tool, basic economics suggests some theft operations will shift.
I’m not aware of empirical studies directly measuring this effect—the technology and the bans are both too new. But the logic seems straightforward. Criminals are rational actors who respond to incentives. A jurisdiction where you can’t be identified is preferable to one where you can.
The Privacy Trade-off
None of this means privacy concerns are invalid. The FTC banned Rite Aid from using facial recognition for five years after finding its system produced false positives that led to wrongful accusations—disproportionately affecting people of color. That’s a real harm.
And Wegmans’ signage is genuinely unsettling. Those signs say they may collect eye scans and voiceprints, not just facial geometry. That goes well beyond identifying known shoplifters.
But a ban is a blunt instrument. It doesn’t distinguish between:
- Scanning every customer who walks in (invasive)
- Checking faces against a database of known offenders (targeted security)
- Building biometric profiles for marketing (clearly wrong)
- Retaining data for years vs. discarding it immediately
A more nuanced approach might require consent for general collection, permit matching against documented offenders, mandate disclosure of what’s collected, and set retention limits. Illinois has biometric privacy laws requiring written permission before gathering biometric data—strict, but not an outright ban.
Where I Land
I don’t have a financial interest in retail security. I’m not opposed to Senator Maroney—he’s done good work on technology policy, and his instincts on data privacy are consumer friendly.
But when I weigh the abstract privacy concern of having my face checked against a shoplifter database (something I’d never know happened and that would never affect me as a non-shoplifter) against the concrete possibility that organized theft rings will shift operations to Connecticut because we’ve made their job easier, I find myself skeptical of the ban.
The question isn’t whether facial recognition can be misused—it can. The question is whether an outright ban is the right response, or whether we’re solving one problem while creating another.
Retailers aren’t asking to surveil everyone. They’re asking to identify people who have already stolen from them. That seems reasonable. The implementation details matter, and maybe those should be regulated. But banning the technology entirely feels like we’re optimizing for a privacy concern while ignoring a security reality.
I’d rather see legislation that puts guardrails on how the technology is used than a ban that removes it from Connecticut retailers’ toolbox entirely—especially when our neighbors aren’t doing the same.