Thursday, June 16, 2011

Facial Recognition Technology Comes to Facebook - Without Consent

As someone on Facebook, I don't want to sound overly melodramatic...but man is this creepy. Once again, Mark Zuckerberg, despite what you may think about the social network he ostensibly created, has proven himself to be an enemy of privacy if there ever was one.

I speak of the recent revelations that Facebook began utilizing facial recognition technologies without consumer consent.  And now, thanks to the Electronic Privacy Information Center, the first complaint to the Federal Trade Commission has been filed.

In addition to EPIC, there's also the reliable privacy stalwart in the House, Rep. Ed Markey, also calling on the FTC to look into this latest, in a long line, of privacy violations by the social networking site.

Not surprisingly, the European Union has launched an investigation into the feature, and Ireland and the UK's data protection officials are also in the midst of an inquiry. 

AS reported by PC World, "EPIC's central argument seems to be that Facebook may have run afoul of consumer protection laws with how it rolled out the feature. The site gave little warning to users that it was going live, and only admitted the procedure was a mistake after the fact."

"When it comes to users' privacy, Facebook's policy should be: 'Ask for permission, don't assume it,'" Rep. Markey said in a statement. "Rather than facial recognition, there should be a Facebook recognition that changing privacy settings without permission is wrong."

Indeed, EPIC highlighted in its complaint Facebook's seemingly careless attitude when it comes to changing user's privacy settings. EPIC cited the company's Beacon service, as well as the company's controversial policy of having a right to your data, even after you delete your account.
"Users could not reasonably have known that Facebook would use their photos to build a biometric database in order to implement a facial recognition technology under the control of Facebook," the complaint reads in part.
In addition to calling for the FTC to force Facebook to stop using facial recognition, EPIC is also asking the agency to require the company to develop a "comprehensive privacy plan," and forbid the site from reintroducing such a feature until its opt-out system is improved and "appropriate security safeguards" are established.

In other words, FB  is suggesting to your friends to tag you without asking you if its okay first. Like most Facebook features, the default setting for facial recognition is "on" - and users must "opt out"...instead of the always more preferable opt-in.

PC World has more: 

...if I upload six photos of my friend Kaitlin, Facebook may "recognize" her face (thanks to other tagged photos of her on the website) and "suggest" that I tag her in those six photos. This makes the tagging process a little easier for me--after all, aren't I more likely to tag Kaitlin if all I have to do is click a button that says "yes, tag away"? Another "benefit" is that I can tag all of these photos of Kaitlin at once--as Facebook said in a blog post, isn't it a whole lot better to be able to tag all of those photos of Kaitlin at once, instead of having to tag each one individually?

Sure, I guess it's easier. Easier for Facebook to invade my privacy, that is.

Ok, I know I sound a little melodramatic. But let's take a look at some facts here:

- Facebook has 600 million members....Each day, Facebook's members upload over 200 million photos, and Facebook currently hosts over 90 billion photos.

- Each time you "tag" a photo on Facebook, its facial recognition technology learns more about what that person looks like.

- Even if you happen to "opt out" of the facial recognition tagging, Facebook's technology can surely use the tagged photos of you (hey, perhaps even the tagged photos of you that you end up un-tagging) to figure out what you look like.

- Right now Facebook is using this technology to help people tag photos. But once they have an accurate facial recognition database of several hundred million people? Hmm.
 

...

Opting out of the service doesn't mean Facebook will stop trying to recognize your face--it just means that Facebook will stop suggesting that other people tag you. Even Google has noted the utter creepiness of facial recognition technology (though I suspect they're just waiting for Facebook to get burned).

Facial recognition technology will ultimately culminate in the ability to search for people using just a picture. And that will be the end of privacy as we know it--imagine, a world in which someone can simply take a photo of you on the street, in a crowd, or with a telephoto lens, and discover everything about you on the internet.


Obviously, we can't stop the world of technology from moving toward the development of accurate facial recognition software. But so far, no facial recognition software has really been a threat to our privacy, because nobody has that huge database of people and photos required. Oh wait, except Facebook totally does. 

This all goes back to a familiar topic of discussion on this blog, and that's data ownership. Clearly, Facebook believes your data is its data, to do with as it pleases. As I have written here before, I have a different perspective. Some questions to ponder then becomes, What kind of control should we have over our own data?

The argument by some, such as Mark Zuckerberg, is that all information should be public
, and as time goes on we'll only be sharing more of it. In addition, we all will benefit from this communal sharing of private information in ways yet to even be discovered. Already, from this sharing, we forge more online friendships and connections, old friends are reconnected, distant parents see pictures of their kids' day-to-day activities, jobs might be more easily found due to our profiles being more public, internet services improve as companies like Facebook and Google learn about peoples' Web browsing histories, sites are able to tailor content to the user, and so on, and so forth.

What concerns me is what are the side effects of living in a society without privacy? Not just on the net, or about our personal habits, but from the watchful eye of government, be it the knowledge that we could be wiretapped, that smart grid monitors are daily in home habits, that our emails can be intercepted, that our naked bodies must be viewed at airports, that our book purchases can be accessed (particularly if Google gets its way and everything goes electronic), that street corner cameras are watching our every move, that RFID tags allow for the tracking of clothes, cars, and phones...and the list goes on.

For more information on the general concept of biometrics and facial recognition as related to a National ID card, check out my post from May of 2010.

No comments: