Question of the Week: Smart Glasses and Privacy Risks

Fri March 20, 2026

Question: 

We have some members who have been using smart glasses inside the credit union. What kinds of things should we be concerned about, and how can we mitigate any privacy risks?


Answer: 

Smart glasses are becoming an increasingly popular wearable device, combining features such as AI, high-definition cameras, apps, and hands-free functionality in a relatively discreet form. While they may raise additional privacy and security questions for a credit union, many of those concerns can often be addressed through existing security and privacy policies.

Those policies should address how member information is protected, where recording is prohibited, what areas of the credit union are off-limits to members, and how employees should respond to suspected privacy or security incidents. Policies should also address employee conduct, including clean-desk practices, prohibitions on unauthorized photography or recording in employee-only areas, and general safeguards for member information. Particular care should be taken in areas where account information, identification documents, or other nonpublic personal information may be visible.
The risks posed by smart glasses are similar in many ways to those posed by smartphones, but with some added concerns. For example, smart glasses may be less noticeable and, in some cases, may be worn as prescription eyewear, making them less practical to remove. At the same time, some smart glasses include features intended to make recording more apparent or limited, such as:
  • Bright LEDs on front-facing cameras,
  • Audible sounds when taking a photo or starting a recording,
  • Cameras placed in visible locations on the frame,
  • A field of view limited to what is directly in front of the wearer, and
  • User actions, such as voice commands, needed to initiate certain functions.

Even so, these features may not fully eliminate privacy concerns. A credit union should be prepared to enforce its existing policies where appropriate, including restricting access to sensitive areas, asking a member to discontinue certain conduct, or requiring the member to use alternative service channels if necessary. Staff should also know when to escalate concerns to a supervisor or security officer if a member appears to be recording in a prohibited area. Those options should be reflected in the credit union’s restriction or denial of services policy.

For model policies that cover access restrictions and information security, see CU PolicyPro policies 4120 – Information Security, and 4100.10 – General Security Procedures. 

Subscribe

Sign up to the receive the weekly Compliance Watch newsletter email. Existing subscribers can manage their subscription.

Subscribe

Compliance Questions?

Cornerstone members have access to a wide variety of  compliance assistance.

Podcast

Podcast

Listen