Is Wegmans Collecting Biometric Data On MD Shoppers? What To Know About Controversial Policy

Wegmans, which has more than 100 grocery stores in 10 states, including Maryland, has begun scanning the faces of anyone who enters select stores, sparking privacy concerns and testing customer loyalty.

Signs at Manhattan and Brooklyn Wegmans locations advise customers and employees that the store is collecting and storing biometric data on their faces, eyes and voices to “protect the safety and security of our patrons and employees,” according to reports, including from the Gothamist and CBS News.

The Rochester, New York-based supermarket chain’s scanning policy is an expansion of a 2024 pilot program. In a statement on its website, Wegmans said the facial recognition technology is being used “in a small fraction of our stores that exhibit an elevated risk,” but did not specify the stores where the technology has been deployed.

Wegmans has nine stores in Maryland, including locations in Bel Air, Columbia, Crofton, Frederick, Germantown, Hunt Valley, Owings Mills, Rockville and Woodmore.

What Wegmans Says

Wegmans said the technology is “solely used for keeping our stores secure and safe.” Also from the statement:

“The system collects facial recognition data and only uses it to identify individuals who have been previously flagged for misconduct. We do not collect other biometric data such as retinal scans or voice prints. Images and video are retained only as long as necessary for security purposes and then disposed of. For security reasons, we do not disclose the exact retention period, but it aligns with industry standards.

“Persons of interest are determined by our asset protection team based on incidents occurring on our property and on a case-by-case basis, on information from law enforcement for criminal or missing persons cases. We do not share facial recognition scan data with any third party.

“We understand concerns about fairness and bias in facial recognition systems. We employ a multitude of training and safety measures to help keep people safe. Facial recognition technology serves as one investigative lead for us. We never base our decisions on a single lead alone.”

Privacy Advocates Raise Concerns

Storing customers’ biometric data could expose them to risks from hackers or immigration enforcement, according to Will Owen, a privacy advocate with the Surveillance Technology Oversight Project, a nonprofit legal and advocacy group that fights against mass surveillance by state and local governments.

“It’s really chilling that immigrant New Yorkers going into Wegmans and other grocery stores have to worry about their highly sensitive biometric data potentially getting into the hands of ICE,” Owen told the Gothamist.

Michelle Dahl, the Surveillance Technology Oversight Project’s executive director, told CBS News that consumers have little recourse if the data stored is hacked or breached.

“You can’t change your face like you would change a password,” Dahl said. “It's also a civil rights issue. We know that these systems disproportionately misidentify and burden communities that are already targeted by police most often.”

Is Biometric Data Protected In Maryland?

Multiple bills to broadly ban facial recognition data storage have repeatedly stalled in Congress due to industry lobbying and political opposition. While no national ban exists, several states and cities have enacted their own regulations.

While Illinois, Texas, and Washington have dedicated biometric laws, the landscape is evolving, with most states addressing biometrics through their general consumer privacy laws, creating a complex compliance environment.

In Maryland, the collection of biometric data is addressed in the state’s Online Data Privacy Act (MODPA), which took effect on Oct. 1, 2025.

Under MODPA, businesses and other entities must limit the collection of personal data, including biometric data, to what is “reasonably necessary and proportionate to provide or maintain a specific product or service requested by the consumer,” which is more restrictive than most U.S. state comprehensive privacy laws.

Although the act is now in effect, it will not apply to any activities involving the processing of personal data that occurred before April 1, 2026.

What Customers Are Saying

Some customers are put off by the idea.

Rochester, New York, resident Nicholas Carducci told news station WROC the policy makes him less likely to shop at Wegmans, even though it’s his preferred grocery store.

“It’s too invasive,” Carducci said. “You need anonymity for life in the community that we live in.”

“I go to Wegmans pretty often right now,” Rochester resident Amy Starnes told WROC. “If they started doing that, I would rather shop at any other grocery store than Wegmans, before I give any place my biometric data.”

“Would love to know how stealing and storing my biometric data ensures the safety of ur employees,” one person said in a comment on the social media site X.

Other customers welcome the technology.

“I cannot blame the stores!” one person said in another thread on X. “Too many people thinking they can just steal, and they will get away with it. I hope all big stores start doing it! Stop the STEAL!”

“You never know for what purpose the information is being collected,” Ivan Klimkou told CBS News. “I mean, I’m not shoplifting, so it's no concern for me.”