Commercialization of Facial Recognition will eliminate privacy for the future generations

by Brian

Returned Peace Corps Volunteer, Systems Engineer, Papa, and eccentric individual.

Introduction

Individual privacy in the face of artificial intelligence, biometric facial recognition, and big data is increasingly under threat of disappearance from our government, technology companies, and society’s own best intentions. Unnecessary government intrusion into the private lives of citizens in the United States is a right protected by law. Due to extra-governmental advancements in biometrics and facial recognition technology, circumvention of the law is being made possible. Often the desire for additional surveillance technology comes from society’s perceived need for additional security through detection and observation. Long-term implications on individual privacy and the negative consequences of privacy loss from forming a surveillance society will be most damaging to the children and grandchildren of today.

Issue

The United States Bill of Rights 4th amendment to the Constitution is a safeguard for citizens against unnecessary intrusion into their privacy by the government:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” (Congress of the United States, 1789).

This safeguard is the basis requiring law enforcement to obtain a warrant prior to investigations into the lives of private citizens (Cornell Law School Legal Information Institute, 2017). Although the requirement for such a warrant prohibits unreasonable direct surveillance by law enforcement, new applications of technology allow law enforcement to indirectly surveil and circumvent the 4th amendment simply by asking your neighbors to spy on you instead. Requesting private citizens to surveil other private citizens has become simpler and with increased fidelity due to advances in biometric facial recognition. Once specific application of new technology that can allow for this legal blind spot is the Neighbors App by the video surveillance company Ring. Ring provides consumer-centric hardware and software and explicitly allows law enforcement to request access to data produced by this technology once it is installed. Ring’s parent company is the e-commerce giant Amazon, and therefore its products require different scrutiny than its competitors. This is due to the parent company’s advancing technology portfolio, specifically it’s facial recognition software. The Electronic Frontier Foundation (EFF) (Guariglia, 2019) considers Amazon’s Ring “A Perfect Storm of Privacy Threats” describing the dangers of how Ring partners with law enforcement to perpetuate local communities beliefs that surveillance is desirable, without informing those communities to the impact on privacy of individuals.

Findings

The Neighbors app allows police to request video and images taken from Ring devices in an area near where a crime may have taken place. According to the Neighbors website FAQ (Ring, 2019) and the Ring Law Enforcement Legal Process Guidelines (Ring, 2019) there exists no requirement for law enforcement to have a warrant so long as the owner of the data grants consent for its usage by Law Enforcement. Although users of the Neighbors app are notified when local law enforcement have both joined the Neighbors app, and are requesting video, there are no mechanisms to notify non-members. Individuals that are not members of the Neighbors app but live in the same physical community as app users, are given no notice they are under surveillance. This membership-only community removes all privacy protections for non-participants that happen to be in the images and video delivered from Ring to law enforcement, all without the requirement of a warrant.

Amazon in addition to its widely-known e-commerce business runs Amazon Web Services (AWS), which according to the technology advisory firm Gartner (Gartner, 2019) controlled 47.8% of the market and was the largest cloud-computing platform in 2018. AWS offers multiple services, including large-scale data storage, and high-performance databases. One service available on AWS is Amazon Rekognition. Rekognition is an artificial intelligence platform specializing in photo and video analysis, including facial analysis and facial recognition.[1]

According to the advocacy group Fight for the Future (Fight for the Future, 2019) Amazon Ring has denied connections between data provided by Ring to law enforcement agencies and the AWS Rekognition service. Law enforcement agencies can create a database of compiled from Ring data and automate the analysis of this data using AWS Rekognition. The output of this is personally-identifiable biometric profiles of local citizens easily saved on AWS cloud storage. These databases will grow over time through automated matching of new data against all individuals caught up in the database, including children. These long-running biometric databases will continually have new images of children as inputs, allowing complete histories of local children to be completely documented over their lifetime.

The long-term consequences of facial recognition according to Kugler (2019) will hinder the ability for individuals to retain their privacy from indiscriminate and pervasive biometric surveillance. Upon exiting the confines of their own home, regardless of their affiliation with a crime, citizens will be surveilled by the neighbors, business, and law enforcement (Nakar & Greenbaum, 2017). The long-term decrease to children’s’ future privacy was recently documented by the New York Times (Hill & Krolik, 2019) This article identified that photographs uploaded to the image-sharing platform Flickr were included in a research database with the purpose to improve facial recognition algorithms.. This database known as Megaface[2] has been shared openly since 2015. Several people interviewed in the article and included in the database had no understanding of how their photos or those of their children were going to be used.

Solution

Advancements in biometric facial recognition and surveillance technologies are unlikely to stop, or even slow down without the introduction of legislation designed to protect the privacy of individuals. Recently the European Union (EU) introduce the General Data Protection Regulation (GDPR) to protect the individual rights of EU citizens. In the GDPR individual citizens are granted eight rights regarding the usage of their personal data by 3rd-parties (European Commission, 2019).

These rights grant individuals the ability to identify what data is being collected about them, request corrections to inaccuracies, and even request the removal of all data. Under the GDPR companies that are found to have misused data, may receive fines of up to 4% of a company’s global revenue. Passing laws within the United States to protect individual citizens privacy would offer all citizens and their children a path out of a surveillance society, and incentivize companies to not run afoul of the law.

Although opt-out approaches to privacy protections like those found in GDPR are helpful, the Electronic Frontier Foundation (EFF) (Gebhard, 2019) advocates for legislation directing companies to implement opt-in approaches and that the “The default should be against collecting, using, and sharing personal information.” Implementing strong privacy laws designed to minimize unnecessary data collection will protect generations to come from having unnecessary surveillance following and cataloging them through their childhood and into the future.

Conclusion

The more time an individual is exposed to having facial images collected and identified, the more likely these individuals will have entire catalogs of their lives recorded by unknown third parties and stored in perpetuity. Databases created from myriad sources, not just Ring data, will be filled with personally-identifiable age-progressed histories of any given individuals. A child born today will have had exposure to facial recognition for the remainder of his or her life. Every time a child rings a smart doorbell like the Ring, they risk another possible exposure to forever being recorded, identified, and profiled in a machine-searchable biometric database.

Neither the advancement of surveillance equipment or the algorithms to produce biometric databases should be stopped arbitrarily to protect privacy. The United States can legislate the implementation of national privacy laws similar to those recently passed in the European Union. Laws prohibiting collection in the first place, or laws similar to the GDPR “right to be forgotten” and mandatory removal of unnecessary data like photos and biometric data from datasets can provide individuals significant leverage to regain and maintain their privacy and that of their children.

[1] Read full description for Amazon Rekognition service for additional features to assist facial recognition. https://docs.aws.amazon.com/rekognition/latest/dg/what-is.html

[2] Megaface is an existing database used to train facial recognition software, and a common reference for the dangers of biometric databases. https://megapixels.cc/datasets/megaface/

 

References

Congress of the United States. (1789, March 4). Bill of Rights. Retrieved from https://www.archives.gov/founding-docs/bill-of-rights-transcript

Cornell Law School Legal Information Institute. (2017, June). FOURTH AMENDMENT: AN OVERVIEW. Retrieved from Legal Information Institute: https://www.law.cornell.edu/wex/Fourth_Amendment

European Commission. (2019, October 27). What are my rights? Retrieved from European Commission Home: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/my-rights/what-are-my-rights_en

Fight for the Future. (2019, October 7). Open letter calling on elected officials to stop Amazon’s doorbell surveillance partnerships with police. Retrieved from Fight for the Future: https://www.fightforthefuture.org/news/2019-10-07-open-letter-calling-on-elected-officials-to-stop/

Gartner. (2019, July 19). Gartner Says Worldwide IaaS Public Cloud Services Market Grew 31.3% in 2018. Retrieved from Gartner.com: https://www.gartner.com/en/newsroom/press-releases/2019-07-29-gartner-says-worldwide-iaas-public-cloud-services-market-grew-31point3-percent-in-2018

Gebhard, G. (2019, June 17). Electronic Frontier Foundation. Retrieved from EFF’s Recommendations for Consumer Data Privacy Laws: EFF’s Recommendations for Consumer Data Privacy Laws

Guariglia, M. (2019, August 8). Amazon’s Ring is a Perfect Storm of Privacy Threats. Retrieved from Electronic Frontier Foundation: https://eff.org/deeplinks/2019/08/amazons-ring-perfect-storm-privacy-threats

Hill, K., & Krolik, A. (2019, October 11). How Photos of Your Kids Are. Retrieved from nytimes.com: https://www.nytimes.com/interactive/2019/10/11/technology/flickr-facial-recognition.html

Kugler, L. (2019, February). Being Recognized Everywhere: How facial and voice recognition are reshaping society. Communications of the ACM, 62(2), 17-19. doi:10.1145/3297803

Nakar, S., & Greenbaum, D. (2017). NOW YOU SEE ME. NOW YOU STILL DO: FACIAL RECOGNITION TECHNOLOGY AND THE GROWING LACK OF PRIVACY. Journal of Science & Technology Law, 27(1), 88-123. Retrieved October 27, 2019, from http://eds.a.ebscohost.com.ezproxy.umuc.edu/eds/pdfviewer/pdfviewer?vid=4&sid=453a22e0-b056-42a3-a034-4d27e0a033cf%40sessionmgr4008

Ring. (2019, October 27). How Law Enforcement Uses the Neighbors App. Retrieved from Ring.com: https://support.ring.com/hc/en-us/articles/360031595491-How-Law-Enforcement-Uses-the-Neighbors-App

Ring. (2019, October 27). Law Enforcement Legal Process Guidelines. Retrieved from Ring.com: https://support.ring.com/hc/en-us/articles/360001318523-Law-Enforcement-Legal-Process-Guidelines

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.